Instant Access (IA). Cisco Catalyst 6800ia Switch , Catalyst 6503-E Switch , Catalyst 6807-XL Switch , Catalyst 6504-E Switch , Catalyst 6840-X Switch , Catalyst 6506-E Switch , Catalyst 6880-X Switch , EOL Details, Catalyst 6509-E Switch , Catalyst C6816-X-LE Switch
Add to My manuals1292 Pages
Cisco Catalyst 6800 Series Switches are high-performance, modular switches that provide a comprehensive range of features for enterprise and data center networks. With their豐富的端口密度、先进的QoS功能和可扩展的架构, they are ideal for supporting a wide variety of applications, including voice, video, and data. The 6800 series switches offer exceptional performance and reliability, making them a valuable asset for any network.
advertisement
C H A P T E R
13
Instant Access (IA)
•
•
•
•
•
Prerequisites for Instant Access, page 13-1
Restrictions for Instant Access, page 13-2
Information About Instant Access, page 13-6
Default Settings for Instant Access, page 13-7
How to Configure Instant Access, page 13-7
Note •
•
For complete syntax and usage information for the commands used in this chapter, see these publications: http://www.cisco.com/en/US/products/ps11846/prod_command_reference_list.html
Cisco IOS Release 15.4SY supports only Ethernet interfaces. Cisco IOS Release 15.4SY does not support any WAN features or commands.
Prerequisites for Instant Access
•
•
•
An IA parent—A VSS-mode Catalyst 6800 switch or a VSS-mode Cisco Catalyst 6880-X switch or a VSS-mode Catalyst 6500 switch equipped with a Supervisor Engine 2T and one or more
WS-X6904-40G-2T , C6800-32P10G/XL , C6800-16P10G/XL , and C6800-8P10G/XL switching modules, configured to support 1/10GE links.
IA clients— Catalyst 6800ia access switches
See this publication for more information: http://www.cisco.com/en/US/prod/collateral/switches/ps10902/ps715/ps13198/data_sheet_c78-72
8230.html
See this publication for more information about Instant Access: http://www.cisco.com/en/US/prod/collateral/switches/ps10902/ps715/ps13198/white_paper_c11-7
28265.html
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-1
Chapter 13 Instant Access (IA)
Restrictions for Instant Access
• For image download during ISSU upgrade, remove ip tftp source-interface config on IA Parent, and add a static route to copy the image through mgmt interface.
Restrictions for Instant Access
• The IA parent must operate in VSS mode.
Note • You can enable VSS mode on a single chassis to support IA clients.
• The VSS Quad-Sup SSO (VS4O) feature is supported with IA clients from Release
15.1(2)SY2.
• The IA parent-client connection is supported on links between WS-X6904-40G-2T,
C6800-32P10G/XL, C6800-16P10G/XL, and C6800-8P10G/XL switching modules 1/10GE ports and Catalyst 6800ia access switches 10GE ports.
– You can use up to 8 IA client 10GE ports in the IA parent-client link. See this document for information about the port configuration for WS-X6904-40G-2T, C6800-32P10G/XL,
C6800-16P10G/XL, and C6800-8P10G/XL switching modules:
–
–
–
– http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-696669
.html
IA client 10-Gigabit Ethernet ports require no configuration.
UDLD, LLDP, and CDP are not supported on the IA parent-client link.
IA does not use STP on the IA parent-client connection.
Use only XL based modules for scale FEX QoS configuration to prevent issues with TCAM
(ternary content-addressable memory) utilization. When QoS policy is configured on 1500 FEX host ports, the first 511 interfaces share the TCAM utilization. But, remaining ports will start using new TCAM entries for each interface and will exhaust non-XL TCAM utilization.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-2
Chapter 13 Instant Access (IA)
Restrictions for Instant Access
• IA client maximum values:
Value Description:
Maximum IA client ports
Maximum IA client stacks
Maximum Value
2016 ports across 42 Catalyst 6800ia access switches
Note The Supervisor Engine 2T module can support only up to 1200 FEX host ports with 15.2(1)SY and 15.2(1)SY0a and up to 1536 FEX host ports with 15.2(1)SY1 and later.
42 (defined by IA client FEX number 1–42 range.)
Note The Supervisor Engine 2T module can support only up to 25 IA client switches with 15.2(1)SY and 15.2(1)SY0a and up to 32 IA client switches with 15.2(1)SY1 and later. The Supervisor Engine
2T module can support up to 42 Cat3560CX switches as IA client.
Maximum Catalyst 6800ia access switches per IA client stack
5
•
•
Maximum number of VLANs per IA client stack
Maximum Number of Port Channels
•
An IA client stack acts as single switch unit.
Instant access only supports connection with stacking cables to form a stack.
With an IA client that has multiple Catalyst 6800ia access switches, the switches in the stack assign incrementing switch numbers to themselves
(automatic stacking capability).
• If you add Catalyst 6800ia access switches to a configured IA client, the additional switches assign incrementing switch numbers to themselves.
•
You can set upto 1,000 VLANs, we recommend to set not more than 20 VLANs per FEX.
512
The IA client configuration does not persist if the access switch number changes.
• IA client ports do not support these features:
– Configuring EtherChannels with a combination of FEX Ports using different FEX-IDs or a combination of FEX host port and an IA parent linecard port is not supported. However, FEX host port channel from the same FEX is supported.
–
–
–
–
FEX host port EtherChannel load balancing is not supported.
Port debounce timer
UDLR tunnel ARP and IGMP proxy
Uni-Directional Link Routing (UDLR)
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-3
Chapter 13 Instant Access (IA)
Restrictions for Instant Access
– IEEE 802.1Q tunneling
–
–
VLAN Mapping
VLAN Translation
–
–
IEEE 802.1Q custom ethertypes
L2PT - Layer 2 protocol tunneling
–
–
L2PT - Layer 2 protocol tunneling on trunk ports
802.1ad tunneling
–
–
Port security on 802.1Q tunnel ports
Private VLANs (PVLAN)
–
–
VACL capture
Per-VLAN load balancing for Advanced QinQ service mapping
–
–
Cisco TrustSec NDAC (Network Device Admission Control)
Cisco TrustSec confidentiality and integrity with MACsec (IEEE 802.1AE)
–
–
Cisco TrustSec identity port mapping
Network edge authentication topology (NEAT)
–
–
AutoQoS
MQC queuing policy support
–
–
QoS aggregated DSCP values for WRED
QoS aggregated precedence values for WRED
–
–
Class based weighted fair queuing (CBWFQ)
Class-based shaping
–
–
DiffServ-compliant dWRED
Diffserv-compliant WRED
–
–
Selective packet discard (SPD)
Weighted fair queueing (WFQ)
–
–
Weighted RED (WRED)
QoS policer rate increase to 256G
–
–
Ethernet over MPLS (EoMPLS) - IEEE 802.1q Tag Stacking
H-VPLS N-PE redundancy for QinQ access
–
–
Connectivity fault management (CFM)
Ethernet connectivity fault management (E-CFM)
–
–
Ethernet local management interface (LMI) at provider edge (PE)
Ethernet operations, administration, and Maintenance (OAM)
–
–
Ethernet-OAM 3.0: CFM over BD, Untagged
IEEE 802.1ag - D8.1 standard Compliant CFM, Y.1731 multicast LBM / AIS / RDI / LCK, IP
SLA for Ethernet
– IEEE 802.1ag Compliant CFM (D8.1)
13-4
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 13 Instant Access (IA)
Restrictions for Instant Access
•
•
•
•
To use an IA client port as a SPAN destination, add the IA client port VLAN to the SPAN allowed
VLAN list with the switchport trunk allowed vlan command.
When FEX IA parent-client link portchannel is configured as SPAN source in Tx direction or both directions, the SPAN destination should not be on the same FEX. This is applicable for both stacked and standalone FEX.
When a queuing policy is attached to a FEX interface or removed from a FEX interface, the policy will be propagated to all the interfaces in the same FEX stack. In the case of a module deletion (using module provision command) from a FEX stack the policy will be removed from the remaining modules in the same stack. This is because the module deletion will trigger a removal policy event for the interfaces and any delete policy event will propagate to all the interfaces in the stack. This is expected behavior from the current design point of view.
IA client port QoS:
– Configure ingress QoS on the IA parent port-channel interface.
–
–
The egress QoS configuration on IA client ports is not configurable.
Port architecture (Rx/Tx): 1p3q3t
1p3q3t strict-priority egress queue (queue 1)
1p3q3t standard egress queue 2
(high priority)
CoS
DSCP
Not supported
32, 33, 40–47
Tail-drop 100% (nonconfigurable)
WRED-drop Not supported
Threshold 1 CoS
DSCP
Not supported
16–23, 26–31, 34–39
Tail-drop Disabled; 100%
WRED-drop Not supported
Thresholds 2 CoS
DSCP
Not supported
24
Tail-drop Disabled; 100%
WRED-drop Not supported
Thresholds 3 CoS
DSCP
Not supported
48-63
Tail-drop Disabled; 100%
WRED-drop Not supported
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-5
Chapter 13 Instant Access (IA)
Information About Instant Access
1p3q3t standard egress queue 3
(medium priority)
1p3q3t standard egress queue 4
(lowest priority)
Threshold 1 CoS
DSCP
Not supported
25
Tail-drop Disabled; 70%
WRED-drop Not supported
Threshold 2 CoS
DSCP
Not supported
None.
Tail-drop Disabled; 100%
WRED-drop Not supported
Thresholds 3 CoS
DSCP
Not supported
0–7
Tail-drop Disabled; 100%
WRED-drop Not supported
Threshold 1 CoS
DSCP
Not supported
8, 9, 11, 13, 15
Tail-drop Disabled; 70%
WRED-drop Not supported
Threshold 2 CoS
DSCP
Not supported
10, 12, 14
Tail-drop Disabled; 100%
WRED-drop Not supported
Threshold 3 CoS
DSCP
Not supported
None.
Tail-drop Disabled; 100%
WRED-drop Not supported
• Maximum dot1x hosts supported with IBNS 1.0 configuration is 1000.
Information About Instant Access
The Instant Access (IA) feature supports multiple Catalyst 6800ia access switches that function as clients of the IA parent switch. The IA parent and client switches form a single extended switch with a single management domain, managed by the IA parent.
The IA parent uses the Satellite Discovery Protocol (SDP) and the Satellite Registration Protocol (SRP) to automatically discover IA clients when they connect and monitor the IA client-parent link. The
IA parent upgrades the IA client software image if it is not the same as the parent FEX Image Bundle.
The IA parent features are applied to IA client FEX ports. The IA clients do not perform any local packet forwarding. All traffic originating from IA client ports are sent to the IA parent, which makes all the switching and forwarding decisions.
13-6
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 13 Instant Access (IA)
Default Settings for Instant Access
The IA client switches support the following online diagnostic tests:
•
•
TestFexModeLoopback, page A-4
TestFexFabricLinkStatus, page A-39
Default Settings for Instant Access
None.
How to Configure Instant Access
•
•
•
•
•
•
•
•
•
•
•
Configure Instant Access Staggered Initialization Mode, page 13-7
Enable FEX Auto-Config, page 13-8
Enable IA Client Preprovisioning, page 13-8
Configure Instant Access Port-Channel Interfaces, page 13-9
Configure Instant Access Channel Groups, page 13-9
Identify Connected IA Client Stack Modules, page 13-10
Renumbering FEX Switch-ID, page 13-11
Configure IA Clients, page 13-14
Display or Clear SDP and SRP Traffic, page 13-14
Upgrade FEX using In-Service Software Upgrade (ISSU) Process, page 13-14
Configure Optional Parameters for an IA Client, page 13-15
Configure Instant Access Staggered Initialization Mode
Instant Access staggered initialization mode avoids any excessively high CPU utilization that might occur if multiple IA clients attempt to initialize simultaneously. To configure Instant Access staggered initialization mode, perform this task:
Command
Router(config)# fex stagger delay_value
Purpose
Configures Instant Access staggered initialization mode.
The delay_value can be 0 through 500.
Note The recommended delay_value is 120.
This example shows how to configure Instant Access staggered mode:
Router# configure terminal
Router(config)# fex stagger 120
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-7
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Enable FEX Auto-Config
FEX Auto-config mode allows increased scalability with reduced configuration. Configuration using
Auto-config includes FEX ID selection, Port-channel ID selection, converting RSL port to FEX-fabric mode, and RSL port bundling.
To enable FEX auto-config, perform this task:
Command
Router(config)# fex auto-config
Purpose
Enable FEX auto-config support globally.
This example shows how to configure FEX auto-config mode:
Router# configure terminal
Router(config)# fex auto-config
Enable IA Client Preprovisioning
To allow IA client port configuration before the IA client is connected, perform this task:
Command
Router# module provision create fex fex_number type { C6800IA-48FPD | C6800IA-48TD | C6800IA-48FPDR |
WS-C3560CX-12PD-S | WS-C3560CX-8XPD-S }
[ slot switch_number ]
Purpose
Enables IA client port configuration before the IA client is connected. Enter the slot switch_number keyword and argument to enable configuration of a specific
IA client stack member or an additional stack member before it is added to the IA client stack.
WS-C3560CX-8XPD-S and WS-C3560CX-12PD-S will undergo a number of reloads as FEX client before coming online based on the following conditions:
• Reload1: To convert itself from switch mode to FEX mode on receiving the SDP packet from controller
•
•
Reload2: If a mismatch of IOS version occurs between FEX controller and FEX client, the FEX client downloads the image from controller and boots up.
Reload3: If a mismatch of MTU occurs between FEX controller and FEX client, the FEX client reloads again to change the MTU of FEX host ports.
13-8
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Configure Instant Access Port-Channel Interfaces
To create a port channel interface to support IA clients, perform this task:
Command Purpose
Step 1 Router(config)# interface port-channel group_number Creates the port channel interface. The group_number can be 1 through 512, up to a maximum of 512 port-channel interfaces (42 port-channel interfaces can be used to support IA clients).
Note If desired, you can configure the group_number to match the IA client FEX number.
Step 2 Router(config-if)# switchport
Step 3 Router(config-if)# switchport mode fex-fabric
Step 4 Router(config-if)# fex associate fex_number
Configures the port channel interface for Layer 2 switching.
Configures the port channel interface to support IA clients.
Configures the IA client FEX number.
• The valid value range is 101–199.
• Maximum of 42 IA client FEX numbers.
This example shows how to create port channel interface 1 and configure it to support
IA FEX number 118:
Router# configure terminal
Router(config)# interface port-channel 118
Router(config-if)# switchport
Router(config-if)# switchport mode fex-fabric
Router(config-if)# fex associate 118
Configure Instant Access Channel Groups
To configure channel groups to support IA clients, perform this task for the 10 Gigabit Ethernet LAN ports that connect to IA clients:
Command
Step 1 Router(config)# interface range first_10ge_port, last_10ge_port
Step 2 Router(config-if)# switchport
Step 3 Router(config-if)# switchport mode fex-fabric
Step 4 Router(config-if)# channel-group group_number mode on
Purpose
Selects the ports to configure.
Configures the port channel interface for
Layer 2 switching.
Configures the port channel interface to support IA clients.
Configures the LAN port in an IA Client port channel and configures the mode as on .
Note More links can be added to the channel group at any time.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-9
Chapter 13 Instant Access (IA)
How to Configure Instant Access
This example shows how to configure 10 Gigabit Ethernet ports 1/2/5 and 2/2/5 into port channel 118 with mode on :
Router# configure terminal
Router(config)# interface range tengigabitethernet 1/2/5, 2/2/5
Router(config-if)# switchport
Router(config-if)# switchport mode fex-fabric
Router(config-if)# channel-group 118 mode on
Router(config-if)# end
This example shows how to verify the IA configuration when the IA client is connected:
Router# show fex 118 detail
FEX: 118 Description: FEX0118 state: online
FEX version: version_string
Extender Model: C6800IA-48TD, Extender Serial: serial_number
FCP ready: yes
Image Version Check: enforced
Fabric Portchannel Ports: 2
Fabric port for control traffic: Te1/2/5
Fabric interface state:
Po20 - Interface Up.
Te1/2/5 - Interface Up. state: bound
Te2/2/5 - Interface Up. state: bound
Identify Connected IA Client Stack Modules
•
•
•
Identify IA Client Stack Modules by Serial Number, page 13-10
Identify IA Client Modules by Beacon LED, page 13-10
Identify IA Client Stack Modules by Serial Number
This example shows how to identify IA client stack modules by serial number:
Router# show mod fex 101
Switch Number: 101 Role: FEX
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 48 C6800IA 48GE C6800IA-48TD FOC1737W0PF
2 48 C6800IA 48GE POE C6800IA-48FPD FOC1736Z036
3 48 C6800IA 48GE C6800IA-48TD FOC1737W0NP
4 48 C6800IA 48GE POE C6800IA-48FPD FOC1741S58N
5 48 C6800IA 48GE POE C6800IA-48FPD FOC1736Z03L
Identify IA Client Modules by Beacon LED
Router(config)# hw-module fex <> slot <> led beacon
This example shows how to activate the beacon LED on IA client 118, slot 1:
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-10
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Router(config)# hw-module fex 118 slot 1 led beacon
This example shows how to verify the beacon LED on IA client 118, slot 1:
Router(config)# show hw-module fex led beacon
C6K FEX BLUE BEACON CONFIG
---------------------------------hw-module fex 118 slot 1 led beacon
Easy FEX
Easy FEX allows interface naming of FEX host port interfaces. To create interface naming, perform this task:
Command
Router(config-if)# alias string
Router(config-fex)# alias string
Router(config)# interface alias string
Purpose
Configures alias under native FEX interface sub-mode.
Configures a common alias name for all the FEX interfaces under a particular FEX-id.
Configures interface with the help of alias set.
This example shows all aliases using ‘all’ keyword: fex-vss# show interfaces alias all
Interface Name Alias
---------------------------------------- --------------------
TenGigabitEthernet1/4/5 test
GigabitEthernet101/1/0/1 my_fex_loc_A/1/0/1
GigabitEthernet101/1/0/2 my_fex_loc_A/1/0/2
GigabitEthernet101/1/0/3 my_fex_loc_A/1/0/3
GigabitEthernet101/1/0/4 my_fex_loc_A/1/0/4
GigabitEthernet101/1/0/5 my_fex_loc_A/1/0/5
Renumbering FEX Switch-ID
The renumbering of IA clients can be managed using switch-id allocation from controller, after stack boot up. Also, a priority can be assigned to the FEX members to take over as the master switch.
The following conditions must exist for successful execution of FEX switch-id allocation:
–
–
For renumbering, the source slot should be online and the target slot should be offline.
If the source slot FEX type is different than target slot FEX type, the interface configurations will be lost if you proceed with renumbering.
–
–
–
–
Same target slot cannot be used for renumbering multiple source slots.
Same source slot cannot be renumbered to multiple target slot.
You can enter multiple renumbering entries along with different swapping scenarios.
When priority is modified for a member IA, the whole stack will reload.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-11
Chapter 13 Instant Access (IA)
How to Configure Instant Access
– During In Service Software Upgrade (ISSU) process, switch-id renumbering or priority changes are not allowed.
To renumber FEX switch-id and assign priority, perform this task:
Command
Step 1 Switch# module provision update fex fex_id
Purpose
Enters into switch renumber sub-mode.
Renumbers source_slot to target_slot Step 2 Switch(exec-fex-update)# renumber source_slot to target_slot
Step 3 Switch(exec-fex-update)# priority source_slot value number
Assigns the mentioned priority number to the source_slot.
Step 4 Switch(exec-fex-update)# commit Commits all entries entered under exec-fex-update sub-mode.
Note After the commit operation, you will be prompted whether you want to release the old source-vslot or not. This confirmation will not be asked only in a switch-id swap scenario (for example, renumber 1 to
2 and renumber 2 to 1) because both renumbering are done in a single commit operation.
To renumber FEX switch-id when scale is set to maximum FEX slots, perform this task:
Command
Step 1 Switch# module provision update fex fex_id temp-vslot-allow enable
Step 2 Switch# module provision update fex fex_id
Purpose
When maximum vslots are already allocated, temp-vslot-allow will enable the temporary vslot module to come online.
Enters into switch renumber sub-mode.
Step 3 Switch(exec-fex-update)# renumber source_slot to target_slot
Renumbers source_slot to target_slot
Step 4 Switch(exec-fex-update)# priority source_slot value number
Assigns the mentioned priority number to the source_slot.
Step 5 Switch(exec-fex-update)# commit
Step 6 Switch# module provision update fex fex_id temp-vslot-allow disable
Commits all entries entered under exec-fex-update sub-mode.
Disables the temporary vslot module to go offline.
Note After the commit operation, you will be prompted whether you want to release the old source-vslot or not. This confirmation will not be asked only in a switch-id swap scenario (for example, renumber 1 to
2 and renumber 2 to 1) because both renumbering are done in a single commit operation.
Example: Renumbering FEX switch-id and setting priority
Switch# module provision update fex 101
Switch(exec-fex-update) renumber 3 to 4
Switch(exec-fex-update) priority 2 value 1
%FEX 101 will reload upon commit.
13-12
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Are you sure you want to proceed? [no]: yes
Switch(exec-fex-update)#commit
%Do you want to release FEX 101 module 3 source interface configs(vslot) after module offline? [no]: yes
%FEX 101 All modules will reload.
Are you sure you want to proceed? [no]: yes
Example: Identifying if temporary vslot is online
This example shows how to identify when a particular temporary FEX vslot is online:
Switch# show fex system platform usage
FEX id usage details
Fex-ids inuse: 150
Fex-ids online: 150
Total Used Free
----- ---- ----
42 1 41
FEX slot usage details
FEX-id Switch-id Vslot Pslot Status
------ --------- ----- ----- ------
150 3 51 2 In-use
150 3 52 3 In-use
150 3 53 5 Reserved
150 3 55 4 In-use
150 3 92 1 Temp-In-use
Total Used Reserved Temp-Use/Free Free
----- ---- -------- ------------- ----
47 3 1 1/4 42
Current Temp vslot allowed FEXs: 150
Current Temp VSLOT usage:
------------------------
FEX 150 module 1
FEX ports usage details
FEX-id Switch-id Ports
------ --------- -----
150 3 192
Total Used Free
----- ---- ----
2016 192 1824
Stack members usage details
FEX-id Switch-id Used Free
Example: Identifying FEX IDs where temp-vslot-allow command is enabled
This example verifies the active entries under sub-mode and also the FEX IDs on which
"temp-vslot-allow" is enabled.
Switch(exec-fex-update)#show
Current module renumber mappings for FEX 101
--------------------------------------------
renumber 1 to 2
Current module Priority mappings for FEX 101
--------------------------------------------
priority 1 value 15
Temp vslots allowed:YES
Current Temp vslot allowed FEXs:101
Switch(exec-fex-update)#
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-13
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Configure IA Clients
The configuration for IA clients can be entered on the IA parent before or after the IA clients are connected. IA client 10-Gigabit Ethernet ports require no configuration. IA client Gigabit Ethernet ports use this format: gigabitethernet / fex_number / access_switch_number /0/ port_number
– fex_number —The IA client FEX number:
—Maximum of 42 IA FEX numbers.
–
—The valid value range is 101–199. access_switch_number —The access switch number:
–
—The valid value range is 1-5.
—Multiple-switch stacks assign incrementing switch numbers to themselves.
—See the
“Identify Connected IA Client Stack Modules” section on page 13-10 .
The third interface parameter is always zero.
– The port_number valid value range is 1–48.
Note •
•
IA client configuration does not persist if the access switch number changes.
Display or Clear SDP and SRP Traffic
To display the counters that record the SDP packet traffic on IA client 118, enter the following command:
Router# show fex 118 protocol | incl SDP
130 SDP pkts sent
129 SDP pkts received
130 SDP pkts sent
129 SDP pkts received
Note The command displays a sent and received value for each link in the IA channel group.
To clear the protocol counters, enter the clear fex fex_number { sdp | srp } command.
Upgrade FEX using In-Service Software Upgrade (ISSU) Process
To upgrade the software image of the FEX hosts using ISSU process, perform the following steps:
Command
Step 1 Router# issu loadversion device:filename
Step 2 Router# issu runversion
Purpose
Initiates the ISSU process.
Forces a switchover.
13-14
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Command
Step 3 Router# issu acceptversion
Step 4 Router# issu runversion fex < fex-id | all >
Step 5 Router# issu commitversion
Step 6 Router# show issu state detail
Purpose
Stops the rollback timer and ensures that the software upgrade is not automatically aborted during the ISSU process.
Forces a switchover of the active to the standby processor and starts the image download and upgrade procedure on the
FEX (6800IA). The FEX initiates the image download from the new software bundle of the Sup2T. If you are using
FEX stacks, the stack master initiates the image download for its members.
Upgrades the VSS standby chassis and completes the ISSU process.
Displays the state and the current version of the RPs after the ISSU process.
Configure Optional Parameters for an IA Client
•
•
•
•
Enter the IA Client Configuration Mode, page 13-15
Configure a Description, page 13-15
Configure the Custom Location Type Feature, page 13-16
Enter the IA Client Configuration Mode
To enter the IA client configuration mode, perform this task:
Command
Router(config)# fex fex_number
Purpose
Enters IA client configuration mode.
Note Sets the IA client description to FEX fex_number .
Configure a Description
To configure a description for the IA client or for each module in the IA client stack, perform this task:
Command
Router(config-fex)# [ module module_number ] description description_string
Purpose
Configures a description for the IA
FEX number or for a module in the
IA client stack.
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
13-15
Chapter 13 Instant Access (IA)
How to Configure Instant Access
Configure the Custom Location Type Feature
You can configure the custom location type feature for the IA client in IA client configuration mode. See these publications for information about the location command: http://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-cr-book.html
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/command/ce-e1.html
Note The location commands support the optional fex-location keyword for IA clients.
Configure MTU
You can configure MTU on the IA FEX using the mtu command in fex config mode. In an IA client stack, the configured MTU value is applied to all the host members in the stack.
To configure MTU for an IA client, perform this task:
Command
Router# configure terminal
Router(config)# fex 110
Router(config-fex)# mtu 2000
Router# end
Purpose
Enters the global configuration mode.
Enters IA client configuration mode.
Resets the MTU value for the FEX system. All the FEX ports will be set to use the new MTU value.
The default MTU value for a FEX host port is
9216.
Note For Cisco Catalyst C6840 series switch, the maximum supported MTU for native interface is 9154.The default MTU value is 1500. If the MTU of peer
(Catalyst 6880 or Sup2T) is configured higher than 9154, the packet will not be processed. When using existing configuration from a Catalyst 6880 or
Sup2T, ensure that the MTU is reset or removed.
Exits the global configuration mode.
Note Reload the FEX for the MTU change to take effect.
If you want to avoid reloading the FEX, you can configure an explicit connectionless network service
(CLNS) MTU size on the IA client and peer ports as shown in the following example:
Router# configure terminal
Router(config)# interface interface Gig118/1/0/1
Router(config-if)# ip router isis
Router(config-if)# clns mtu 1497
13-16
Supervisor Engine 2T Software Configuration Guide, Release 15.4SY
advertisement
Key Features
- High port density, with up to 48 Gigabit Ethernet ports or 24 10 Gigabit Ethernet ports per switch
- Advanced QoS features, including traffic shaping, priority queuing, and congestion management
- Modular architecture, allowing for easy expansion of ports and features as needed
- Layer 2 and Layer 3 switching, providing flexibility for a wide range of network topologies
- Comprehensive security features, including access control lists, firewall, and intrusion detection
- Network management tools, including SNMP, Telnet, and CLI, for easy configuration and monitoring
Related manuals
Frequently Answers and Questions
What are the key benefits of using Cisco Catalyst 6800 Series Switches?
What types of networks are Cisco Catalyst 6800 Series Switches ideal for?
How do I configure a Cisco Catalyst 6800 Series Switch?
advertisement
Table of contents
- 41 Preface
- 41 Audience
- 41 Related Documentation
- 41 Conventions
- 42 Obtaining Documentation, Obtaining Support, and Security Guidelines
- 43 Product Overview
- 44 Supervisor Engine 2T-10GE Flash Memory Devices
- 44 Supervisor Engine 2T-10GE Ports
- 45 Supervisor Engine 2T-10GE Connectivity Management Processor (CMP)
- 45 Determining System Hardware Capacity
- 48 Module Status Monitoring
- 48 Enabling Visual Identification of Modules or Ports
- 49 User Interfaces
- 49 Software Features Supported in Hardware by the PFC and DFC
- 53 Command-Line Interfaces
- 53 Accessing the CLI
- 54 Accessing the CLI through the EIA/TIA-232 Console Interface
- 54 Accessing the CLI through Telnet
- 55 Performing Command Line Processing
- 56 Performing History Substitution
- 56 Cisco IOS Command Modes
- 58 Displaying a List of Cisco IOS Commands and Syntax
- 59 Securing the CLI
- 59 ROM-Monitor Command-Line Interface
- 61 Smart Port Macros
- 61 Prerequisites for Smart Port Macros
- 62 Restrictions for Smart Port Macros
- 63 Information About Smart Port Macros
- 63 Information about Cisco-Provided Smart Port Macros
- 64 Information about User-Created Smart Port Macros
- 64 Default Settings for Smart Port Macros
- 64 How to Configure Smart Port Macros
- 64 Using the Cisco-Provided Smart Port Macros
- 64 Using the cisco-global Smart Port Macro
- 65 Using the cisco-desktop Smart Port Macro
- 67 Using the cisco-phone Smart Port Macro
- 69 Using the cisco-switch Smart Port Macro
- 71 Using the cisco-router Smart Port Macro
- 73 Creating Smart Port Macros
- 73 Creating Smart Port Macros
- 74 Applying User-Created Smart Port Macros
- 75 Verifying the Smart Port Macro Configuration
- 77 Virtual Switching Systems
- 77 Prerequisites for VSS
- 78 Restrictions for VSS
- 78 General VSS Restrictions
- 78 VSL Restrictions
- 78 Multichassis EtherChannel (MEC) Restrictions
- 79 Dual-Active Detection Restrictions
- 80 VSS Mode Service Module Restrictions
- 80 Information About Virtual Switching Systems
- 80 VSS Overview
- 81 VSS Topology
- 81 Key Concepts
- 84 VSS Functionality
- 86 Hardware Requirements
- 88 Information about VSL Topology
- 89 VSS Redundancy
- 89 Overview
- 89 RPR and SSO Redundancy
- 90 Failed Chassis Recovery
- 91 VSL Failure
- 91 User Actions
- 91 Multichassis EtherChannels
- 91 Overview
- 92 MEC Failure Scenarios
- 94 Packet Handling
- 94 Packet Handling Overview
- 94 Traffic on the VSL
- 95 Layer 2 Protocols
- 95 Layer 3 Protocols
- 97 SPAN Support with VSS
- 98 System Monitoring
- 98 Power Management
- 98 Environmental Monitoring
- 98 File System Access
- 98 Diagnostics
- 99 Service Modules
- 99 Network Management
- 100 Dual-Active Detection
- 100 Dual-Active Detection Overview
- 100 Dual-Active Detection Using Enhanced PAgP
- 101 Dual-Active Detection Using Dual-Active Fast Hello Packets
- 101 Recovery Actions
- 101 VSS Initialization
- 101 VSS Initialization Overview
- 102 Virtual Switch Link Protocol
- 102 SSO Dependencies
- 103 Initialization Procedure
- 103 Default Settings for VSS
- 104 How to Configure a VSS
- 104 Configuring Easy VSS
- 105 Easy VSS using with-vsl-encryption
- 105 Verifying Easy VSS Configuration
- 106 Converting to a VSS
- 106 VSS Conversion Overview
- 107 Backing Up the Standalone Configuration
- 107 Configuring SSO and NSF
- 108 Assigning Virtual Switch Domain and Switch Numbers
- 109 Configuring the VSL Port Channel
- 110 Configuring the VSL Ports
- 110 Verifying the PFC Operating Mode
- 111 Converting the Chassis to Virtual Switch Mode
- 112 Auto-Configuring the Standby VSL Information
- 112 (Optional) Configuring Standby Chassis Modules
- 113 Displaying VSS Information
- 113 Converting a VSS to Standalone Chassis
- 114 Copying the VSS Configuration to a Backup File
- 114 Converting the Active Chassis to Standalone
- 114 Converting the Peer Chassis to Standalone
- 115 Configuring VSS Parameters
- 115 Configuring VSL Switch Priority
- 116 Configuring the PFC Mode
- 117 Configuring a VSL
- 117 Configuring VSL Encryption
- 119 Displaying VSL Information
- 120 Configuring VSL QoS
- 121 Subcommands for VSL Port Channels
- 121 Subcommands for VSL Ports
- 122 Configuring the Router MAC Address Assignment
- 123 Configuring Deferred Port Activation During Standby Recovery
- 123 Configuring Multichassis EtherChannels
- 124 Configuring Port Load Share Deferral on the Peer Switch
- 124 Configuring Dual-Active Detection
- 124 Configuring Enhanced PAgP Dual-Active Detection
- 126 Configuring Fast Hello Dual-Active Detection
- 127 Configuring the Exclusion List
- 127 Displaying Dual-Active Detection
- 128 Configuring Service Modules in a VSS
- 129 Opening a Session with a Service Module in a VSS
- 129 Assigning a VLAN Group to a Firewall Service Module in a VSS
- 130 Assigning a VLAN Group to an ACE Service Module in a VSS
- 130 Verifying Injected Routes in a Service Module in a VSS
- 131 Viewing Chassis Status and Module Information in a VSS
- 131 How to Upgrade a VSS
- 131 Performing a Fast Software Upgrade of a VSS
- 132 Performing an Enhanced Fast Software Upgrade of a VSS
- 133 eFSU Restrictions and Guidelines
- 134 eFSU Stages for a VSS Upgrade
- 135 Configuring and Performing an eFSU Upgrade
- 137 eFSU Upgrade Example
- 143 Enhanced Fast Software Upgrade
- 144 Prerequisites for eFSU
- 144 Restrictions for eFSU
- 145 Information About eFSU
- 145 eFSU Operation
- 146 Outage Time and Support Considerations
- 146 Reserving Module Memory
- 147 Error Handling for eFSU Preload
- 147 Default Settings for eFSU
- 147 How to Perform an eFSU
- 148 eFSU Summarized Procedure
- 148 Preparing for the Upgrade
- 149 Verifying the Boot Image Version and Boot Variable
- 149 Verifying Redundancy Mode
- 150 Verifying eFSU State
- 150 Copying the New Software Image
- 150 Loading the New Software onto the Standby Supervisor Engine
- 152 Displaying the Maximum Outage Time for Installed Modules (Optional)
- 152 Forcing a Switchover from Active to Standby
- 154 Accepting the New Software Version and Stopping the Rollback Process (Optional)
- 154 Committing the New Software to the Standby
- 154 Verifying the Software Installation
- 155 Aborting the Upgrade Process
- 156 How to Upgrade a Non-eFSU Image to an eFSU Image
- 157 Fast Software Upgrade
- 159 Stateful Switchover (SSO)
- 159 Prerequisites for SSO
- 160 Restrictions for SSO
- 160 General Restrictions
- 160 Configuration Mode Restrictions
- 160 Switchover Process Restrictions
- 161 Information About SSO
- 161 SSO Overview
- 163 SSO Operation
- 164 Route Processor Synchronization
- 164 Synchronization Overview
- 164 Bulk Synchronization During Initialization
- 164 Synchronization of Startup Configuration
- 165 Incremental Synchronization
- 166 SSO Operation
- 166 SSO Conditions
- 167 Switchover Time
- 167 Online Removal of the Active RP
- 167 Fast Software Upgrade
- 167 Core Dump Operation
- 168 SSO-Aware Features
- 168 Default Settings for SSO
- 168 How to Configure SSO
- 169 Troubleshooting SSO
- 169 Possible SSO Problem Situations
- 170 SSO Troubleshooting
- 170 Verifying the SSO Configuration
- 170 Verifying that SSO Is Configured
- 171 Verifying that SSO Is Operating on the Device
- 172 Verifying SSO Features
- 174 Configuration Examples for SSO
- 175 Nonstop Forwarding (NSF)
- 175 Prerequisites for NSF
- 176 Restrictions for NSF
- 176 General Restrictions
- 176 Restrictions for BGP NSF
- 176 Restrictions for EIGRP NSF
- 176 Restrictions for OSPF NSF
- 176 Restrictions for IS-IS NSF
- 177 Restrictions for IPv6 NSF
- 177 Information About NSF
- 177 NSF Overview
- 178 Feature Interaction with NSF
- 178 Cisco Express Forwarding
- 178 Routing Protocol Operation
- 179 BGP Operation
- 179 EIGRP Operation
- 180 IS-IS Operation
- 181 OSPF Operation
- 182 IPv6 Routing Protocol Operation
- 183 Default Settings for NSF
- 183 How to Configure NSF
- 183 Configuring and Verifying BGP for NSF
- 183 Configuring BGP for NSF
- 184 Verifying NSF for BGP
- 184 Configuring and Verifying EIGRP NSF
- 184 Configuring EIGRP for NSF
- 185 Verifying EIGRP for NSF
- 186 Configuring and Verifying OSPF NSF
- 186 Configuring OSPF for NSF
- 186 Verifying OSPF for NSF
- 187 Configuring and Verifying IS-IS NSF
- 187 Configuring NSF for IS-IS
- 188 Verifying NSF for IS-IS
- 188 Troubleshooting Cisco Nonstop Forwarding
- 189 Configuration Examples for NSF
- 189 Example: Configuring BGP NSF
- 189 Example: Configuring BGP NSF Neighbor Device
- 190 Example: Verifying BGP NSF
- 190 Example: Configuring EIGRP NSF Converge Timer
- 190 Example: EIGRP Graceful-Restart Purge-Time Timer Configuration
- 191 Example: Configuring EIGRP NSF Route-Hold Timer
- 191 Example: Configuring EIGRP NSF Signal Timer
- 191 Example: Verifying EIGRP NSF
- 192 Example: Disabling EIGRP NSF Support
- 192 Example: Configuring OSPF NSF
- 192 Example: Verifying OSPF NSF
- 193 Example: Configuring IS-IS NSF
- 193 Example: Verifying IS-IS NSF
- 195 Route Processor Redundancy (RPR)
- 195 Prerequisites for RPR
- 195 Restrictions for RPR
- 196 General RPR Restrictions
- 196 Hardware Restrictions for RPR
- 196 Information About RPR
- 197 Supervisor Engine Redundancy Overview
- 197 RPR Operation
- 198 Supervisor Engine Configuration Synchronization
- 198 Default Settings for RPR
- 198 How to Configure RPR
- 198 Configuring RPR Mode
- 199 Synchronizing the Supervisor Engine Configurations
- 199 Displaying the Redundancy States
- 200 Copying Files to the RP
- 201 Interface Configuration
- 202 Information About Interface Configuration
- 202 How to Configure a Range of Interfaces
- 202 How to Define and Use Interface-Range Macros
- 203 How to Configure Optional Interface Features
- 203 Configuring Ethernet Interface Speed and Duplex Mode
- 204 Speed and Duplex Mode Configuration Guidelines
- 204 Configuring the Ethernet Interface Speed
- 205 Setting the Interface Duplex Mode
- 205 Configuring Link Negotiation on Gigabit Ethernet Ports
- 206 Displaying the Speed and Duplex Mode Configuration
- 206 Configuring Jumbo Frame Support
- 206 Information about Jumbo Frame Support
- 208 Configuring MTU Sizes
- 209 Configuring IEEE 802.3x Flow Control
- 210 Configuring the Port Debounce Timer
- 211 Information About Online Insertion and Removal
- 211 How to Monitor and Maintain Interfaces
- 212 Monitoring Interface Status
- 212 Clearing Counters on an Interface
- 213 Resetting an Interface
- 213 Shutting Down and Restarting an Interface
- 214 How to Check Cable Status with the TDR
- 215 UniDirectional Link Detection ( UDLD)
- 215 Prerequisites for UDLD
- 215 Restrictions for UDLD
- 216 Information About UDLD
- 216 UDLD Overview
- 217 UDLD Aggressive Mode
- 218 Fast UDLD
- 218 Default Settings for UDLD
- 218 How to Configure UDLD
- 219 Enabling UDLD Globally
- 219 Enabling UDLD on LAN Interfaces
- 219 Disabling UDLD on Nonfiber-Optic LAN Interfaces
- 220 Disabling UDLD on Fiber-Optic LAN Interfaces
- 220 Configuring the UDLD Probe Message Interval
- 220 Configuring Fast UDLD
- 221 Configuring Fast UDLD on a Port
- 221 Enabling Fast UDLD Error Reporting
- 221 Resetting Disabled LAN Interfaces
- 223 Instant Access (IA)
- 223 Prerequisites for Instant Access
- 224 Restrictions for Instant Access
- 228 Information About Instant Access
- 229 Default Settings for Instant Access
- 229 How to Configure Instant Access
- 229 Configure Instant Access Staggered Initialization Mode
- 230 Enable FEX Auto-Config
- 230 Enable IA Client Preprovisioning
- 231 Configure Instant Access Port-Channel Interfaces
- 231 Configure Instant Access Channel Groups
- 232 Identify Connected IA Client Stack Modules
- 232 Identify IA Client Stack Modules by Serial Number
- 232 Identify IA Client Modules by Beacon LED
- 233 Easy FEX
- 233 Renumbering FEX Switch-ID
- 236 Configure IA Clients
- 236 Display or Clear SDP and SRP Traffic
- 236 Upgrade FEX using In-Service Software Upgrade (ISSU) Process
- 237 Configure Optional Parameters for an IA Client
- 237 Enter the IA Client Configuration Mode
- 237 Configure a Description
- 238 Configure the Custom Location Type Feature
- 238 Configure MTU
- 239 Configuring EnergyWise
- 241 Power Management
- 241 Power Management Overview
- 242 How to Enable or Disable Power Redundancy
- 243 How to Power Modules Off and On
- 243 How to Display System Power Status
- 244 How to Power Cycle Modules
- 247 Environmental Monitoring
- 247 Environmental Monitoring Overview
- 248 How to Determine Sensor Temperature Thresholds
- 249 How to Monitor the System Environmental Status
- 250 Information About LED Environmental Indications
- 253 Online Diagnostics
- 253 Prerequisites for Online Diagnostics
- 253 Restrictions for Online Diagnostics
- 254 Information About Online Diagnostics
- 254 Default Settings for Online Diagnostics
- 254 How to Configure Online Diagnostics
- 254 Setting Bootup Online Diagnostics Level
- 255 Configuring On-Demand Online Diagnostics
- 257 Scheduling Online Diagnostics
- 257 Configuring Health-Monitoring Diagnostics
- 258 How to Run Online Diagnostic Tests
- 258 Overview of Diagnostic Test Operation
- 258 Starting and Stopping Online Diagnostic Tests
- 259 Running All Online Diagnostic Tests
- 260 Displaying Online Diagnostic Tests and Test Results
- 276 How to Perform Memory Tests
- 276 How to Perform a Diagnostic Sanity Check
- 281 Onboard Failure Logging (OBFL)
- 281 Prerequisites for OBFL
- 282 Restrictions for OBFL
- 282 Information About OBFL
- 282 Overview of OBFL
- 282 Information about Data Collected by OBFL
- 282 OBFL Data Overview
- 283 Temperature
- 284 Operational Uptime
- 287 Interrupts
- 288 Message Logging
- 288 Default Settings for OBFL
- 289 Enabling OBFL
- 290 Configuration Examples for OBFL
- 290 Enabling OBFL Message Logging: Example
- 290 OBFL Message Log: Example
- 290 OBFL Component Uptime Report: Example
- 291 OBFL Report for a Specific Time: Example
- 293 Switch Fabric Functionality
- 293 Prerequisites for Switch Fabric Functionality
- 293 Restrictions for Switch Fabric Functionality
- 294 Information About the Switch Fabric Functionality
- 294 Switch Fabric Functionality Overview
- 294 Forwarding Decisions for Layer 3-Switched Traffic
- 294 Default Settings for Switch Fabric Functionality
- 295 How to Configure the Switch Fabric Functionality
- 296 Monitoring the Switch Fabric Functionality
- 296 Displaying the Switch Fabric Redundancy Status
- 296 Displaying Fabric Channel Switching Modes
- 296 Displaying the Fabric Status
- 297 Displaying the Fabric Utilization
- 297 Displaying Fabric Errors
- 299 Cisco IP Phone Support
- 299 Prerequisites for Cisco IP Phone Support
- 299 Restrictions for Cisco IP Phone Support
- 300 Information About Cisco IP Phone Support
- 300 Cisco IP Phone Connections
- 301 Cisco IP Phone Voice Traffic
- 302 Cisco IP Phone Data Traffic
- 302 Other Cisco IP Phone Features
- 302 Default Setting for Cisco IP Phone Support
- 303 How to Configure Cisco IP Phone Support
- 303 Configuring Voice Traffic Support
- 304 Configuring Data Traffic Support
- 307 Power over Ethernet (PoE) Support
- 307 Prerequisites for PoE
- 307 Restrictions for PoE
- 308 Information About PoE
- 308 Device Roles
- 308 PoE Overview
- 309 CPD-Based PoE Management
- 310 Inline Power IEEE Power Classification Override
- 310 LLDP Inline Power Negotiation for PoE+ (IEEE 802.3at)
- 310 How to Configure PoE Support
- 311 Displaying PoE Status
- 311 Configuring Per-Port PoE Support
- 312 Configuring PoE Power Priority
- 313 Setting the PoE Power Priority Global Enable State
- 313 Configuring PoE Port Power Priority
- 314 Configuring PoE Monitoring and Policing
- 314 Disabling LLDP Power Negotiation (IEEE 802.3at)
- 317 LAN Ports for Layer 2 Switching
- 317 Prerequisites for Layer 2 LAN Interfaces
- 318 Restrictions for Layer 2 LAN Interfaces
- 318 Information About Layer 2 Switching
- 318 Information about Layer 2 Ethernet Switching
- 319 Layer 2 Ethernet Switching Overview
- 319 Building the MAC Address Table
- 320 Information about VLAN Trunks
- 320 Layer 2 LAN Port Modes
- 321 Default Settings for Layer 2 LAN Interfaces
- 321 How to Configure LAN Interfaces for Layer 2 Switching
- 322 Configuring a LAN Port for Layer 2 Switching
- 322 Enabling Out-of-Band MAC Address Table Synchronization
- 323 Configuring MAC Address Table Notification
- 324 Configuring a Layer 2 Switching Port as a Trunk
- 324 Configuring the Layer 2 Trunk to Use DTP
- 325 Configuring the Layer 2 Trunk Not to Use DTP
- 325 Configuring the Access VLAN
- 326 Configuring the 802.1Q Native VLAN
- 326 Configuring the List of VLANs Allowed on a Trunk
- 327 Configuring the List of Prune-Eligible VLANs
- 328 Completing Trunk Configuration
- 328 Verifying Layer 2 Trunk Configuration
- 328 Configuration and Verification Examples
- 329 Configuring a LAN Interface as a Layer 2 Access Port
- 331 Configuring a Custom IEEE 802.1Q EtherType Field Value
- 333 Flex Links
- 333 Prerequisites for Flex Links
- 334 Restrictions for Flex Links
- 334 Information About Flex Links
- 336 Default Settings for Flex Links
- 336 How to Configure Flex Links
- 338 Monitoring Flex Links
- 339 EtherChannels
- 339 Prerequisites for EtherChannels
- 340 Restrictions for EtherChannels
- 341 Information About EtherChannels
- 341 EtherChannel Feature Overview
- 342 Information about EtherChannel Configuration
- 342 EtherChannel Configuration Overview
- 343 Information about Manual EtherChannel Configuration
- 343 Information about PAgP EtherChannel Configuration
- 343 Information about IEEE 802.3ad LACP EtherChannel Configuration
- 344 Information about LACP 1:1 Redundancy
- 345 Information about Port Channel Interfaces
- 345 Information about Load Balancing
- 345 Default Settings for EtherChannels
- 345 How to Configure EtherChannels
- 346 Configuring Port Channel Logical Interfaces
- 347 Configuring Channel Groups
- 349 Configuring the LACP System Priority and System ID
- 349 Configuring EtherChannel Load Balancing
- 350 Configuring the EtherChannel Hash-Distribution Algorithm
- 351 Configuring the Hash-Distribution Algorithm Globally
- 351 Configuring the Hash-Distribution Algorithm for a Port Channel
- 351 Configuring the EtherChannel Min-Links Feature
- 352 Configuring LACP 1:1 Redundancy
- 353 Configuring Auto Interleaved Port Priority For LACP Port Channels
- 354 Configuring LACP Port-Channel Standalone Disable
- 357 IEEE 802.1ak MVRP and MRP
- 357 Prerequisites for IEEE 802.1ak MVRP and MRP
- 358 Restrictions for IEEE 802.1ak MVRP and MRP
- 358 Information About IEEE 802.1ak MVRP and MRP
- 358 Overview
- 360 Dynamic VLAN Creation
- 360 MVRP Interoperability with VTP
- 361 Overview
- 361 VTP in Transparent or Off Mode
- 361 VTP in Server or Client Mode and VTP Pruning is Disabled
- 361 VTP in Server or Client Mode and VTP Pruning is Enabled
- 362 MVRP Interoperation with Non-Cisco Devices
- 362 MVRP Interoperability with Other Software Features and Protocols
- 362 802.1x and Port Security
- 362 DTP
- 363 EtherChannel
- 363 Flex Links
- 363 High Availability
- 363 ISSU and eFSU
- 363 L2PT
- 363 SPAN
- 363 Unknown Unicast and Multicast Flood Control
- 363 STP
- 363 UDLR
- 364 VLANs with MVRP
- 364 Default Settings for IEEE 802.1ak MVRP and MRP
- 364 How to Configure IEEE 802.1ak MVRP and MRP
- 364 Enabling MVRP
- 365 Enabling Automatic Detection of MAC Addresses
- 365 Enabling MVRP Dynamic VLAN Creation
- 366 Changing the MVRP Registrar State
- 366 Troubleshooting the MVRP Configuration
- 367 Configuration Examples for IEEE 802.1ak MVRP and MRP
- 367 Enabling MVRP
- 367 Enabling MVRP Automatic Detection of MAC Addresses
- 368 Enabling Dynamic VLAN Creation
- 368 Changing the MVRP Registrar State
- 369 VLAN Trunking Protocol (VTP)
- 369 Prerequisites for VTP
- 369 Restrictions for VTP
- 370 Information About VTP
- 371 VTP Overview
- 371 VTP Domains
- 372 VTP Modes
- 372 VTP Advertisements
- 373 VTP Authentication
- 373 VTP Version 2
- 374 VTP Version 3
- 375 VTP Pruning
- 377 VLAN Interaction
- 377 Interaction Between VTP Version 3 and VTP Version 2 Devices
- 377 Interaction Between VTP Version 3 and VTP Version 1 Devices
- 377 Default Settings for VTP
- 378 How to Configure VTP
- 378 Configuring VTP Global Parameters
- 378 Configuring VTP Version 1 and Version 2 Passwords
- 379 Configuring VTP Version 3 Password
- 379 Configuring VTP Version 3 Server Type
- 380 Enabling VTP Pruning
- 381 Enabling VTP Version 2
- 381 Enabling VTP Version 3
- 383 Configuring the VTP Mode
- 384 Configuring VTP Mode on a Per-Port Basis
- 385 Displaying VTP Statistics
- 387 Virtual Local Area Networks (VLANs)
- 387 Prerequisites for VLANs
- 388 Restrictions for VLANs
- 388 Information About VLANs
- 388 VLAN Overview
- 388 VLAN Ranges
- 389 Default Settings for VLANs
- 390 How to Configure VLANs
- 390 Configurable VLAN Parameters
- 390 VLAN Locking
- 391 Creating or Modifying an Ethernet VLAN
- 392 Assigning a Layer 2 LAN Interface to a VLAN
- 392 Configuring the Internal VLAN Allocation Policy
- 393 Configuring VLAN Translation
- 393 VLAN Translation Guidelines and Restrictions
- 394 Configuring VLAN Translation on a Trunk Port
- 395 Enabling VLAN Translation on Other Ports in a Port Group
- 395 Saving VLAN Information
- 397 Private VLANs
- 397 Prerequisites for Private VLANs
- 398 Restrictions for Private VLANs
- 398 Secondary and Primary VLANs
- 400 Private VLAN Ports
- 400 Limitations with Other Features
- 401 Information About Private VLANs
- 401 Private VLAN Domains
- 403 Private VLAN Ports
- 403 Primary, Isolated, and Community VLANs
- 404 Private VLAN Port Isolation
- 404 IP Addressing Scheme with Private VLANs
- 405 Private VLANs Across Multiple Switches
- 405 Private VLAN Interaction with Other Features
- 406 Private VLANs and Unicast, Broadcast, and Multicast Traffic
- 406 Private VLANs and SVIs
- 406 Default Settings for Private VLANs
- 406 How to Configure Private VLANs
- 407 Configuring a VLAN as a Private VLAN
- 408 Associating Secondary VLANs with a Primary VLAN
- 409 Mapping Secondary VLANs to the Layer 3 VLAN Interface of a Primary VLAN
- 410 Configuring a Layer 2 Interface as a Private VLAN Host Port
- 411 Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port
- 412 Monitoring Private VLANs
- 413 Private Hosts
- 413 Prerequisites for Private Hosts
- 413 Restrictions for Private Hosts
- 414 General Private Host Restrictions
- 414 Private Host ACL Restrictions
- 415 Private Host VLAN on Trunk Port Restrictions
- 415 Private Host Interaction with Other Features
- 415 Private Host Spoofing Protection
- 416 Private Host Multicast Operation
- 416 Information About Private Hosts
- 416 Private Hosts Overview
- 416 Isolating Hosts in a VLAN
- 417 Restricting Traffic Flow (Using Private Hosts Port Mode and PACLs)
- 419 Port ACLs
- 420 Default Settings for Private Hosts
- 420 How to Configure Private Hosts
- 420 Configuration Summary
- 421 Detailed Configuration Steps
- 422 Configuration Examples
- 425 IEEE 802.1Q Tunneling
- 425 Prerequisites for 802.1Q Tunneling
- 425 Restrictions for 802.1Q Tunneling
- 428 Information About 802.1Q Tunneling
- 429 Default Settings for 802.1Q Tunneling
- 430 How to Configure 802.1Q Tunneling
- 430 Configuring 802.1Q Tunnel Ports
- 430 Configuring the Switch to Tag Native VLAN Traffic
- 431 Configuring the Switch to Tag Native VLAN Traffic Globally
- 431 Configuring Ports Not to Tag Native VLAN Traffic
- 433 Layer 2 Protocol Tunneling
- 433 Prerequisites for Layer 2 Protocol Tunneling
- 433 Restrictions for Layer 2 Protocol Tunneling
- 434 Information About Layer 2 Protocol Tunneling
- 434 Default Settings for Layer 2 Protocol Tunneling
- 435 How to Configure Layer 2 Protocol Tunneling
- 439 Spanning Tree Protocols
- 439 Prerequisites for Spanning Tree Protocols
- 440 Restrictions for Spanning Tree Protocols
- 440 Information About Spanning Tree Protocols
- 440 Information about STP
- 441 STP Overview
- 441 Information about the Bridge ID
- 442 Information about Bridge Protocol Data Units
- 443 Election of the Root Bridge
- 443 STP Protocol Timers
- 444 Creating the Spanning Tree Topology
- 444 STP Port States
- 450 STP and IEEE 802.1Q Trunks
- 451 Information about IEEE 802.1w RSTP
- 451 RSTP Overview
- 451 Port Roles and the Active Topology
- 452 Rapid Convergence
- 453 Synchronization of Port Roles
- 454 Bridge Protocol Data Unit Format and Processing
- 455 Topology Changes
- 456 Information about MST
- 456 MST Overview
- 457 MST Regions
- 457 IST, CIST, and CST
- 460 Hop Count
- 460 Boundary Ports
- 461 Standard-Compliant MST Implementation
- 462 Interoperability with IEEE 802.1D-1998 STP
- 463 Detecting Unidirectional Link Failure
- 463 Default Settings for Spanning Tree Protocols
- 463 Default STP Configuration
- 464 Default MST Configuration
- 464 How to Configure Spanning Tree Protocols
- 464 Configuring STP
- 465 Enabling STP
- 466 Enabling the Extended System ID
- 467 Configuring the Root Bridge
- 468 Configuring a Secondary Root Bridge
- 469 Configuring STP Port Priority
- 470 Configuring STP Port Cost
- 472 Configuring the Bridge Priority of a VLAN
- 473 Configuring the Hello Time
- 473 Configuring the Forward-Delay Time for a VLAN
- 474 Configuring the Maximum Aging Time for a VLAN
- 474 Enabling Rapid-PVST+
- 475 Configuring MST
- 476 Specifying the MST Region Configuration and Enabling MST
- 477 Configuring the Root Bridge
- 478 Configuring a Secondary Root Bridge
- 479 Configuring Port Priority
- 480 Configuring Path Cost
- 481 Configuring the Switch Priority
- 482 Configuring the Hello Time
- 483 Configuring the Forwarding-Delay Time
- 483 Configuring the Transmit Hold Count
- 483 Configuring the Maximum-Aging Time
- 484 Configuring the Maximum-Hop Count
- 484 Specifying the Link Type to Ensure Rapid Transitions
- 484 Designating the Neighbor Type
- 485 Restarting the Protocol Migration Process
- 485 Displaying the MST Configuration and Status
- 487 Optional STP Features
- 488 PortFast
- 488 Information about PortFast
- 488 Enabling PortFast
- 488 Configuring the PortFast Default State
- 489 Enabling PortFast on a Layer 2 Port
- 490 Bridge Assurance
- 490 Information about Bridge Assurance
- 493 Enabling Bridge Assurance
- 493 BPDU Guard
- 493 Information about BPDU Guard
- 493 Enabling BPDU Guard
- 494 Enabling BPDU Guard Globally
- 494 Enabling BPDU Guard on a Port
- 495 PortFast Edge BPDU Filtering
- 495 Information about PortFast Edge BPDU Filtering
- 496 Enabling PortFast Edge BPDU Filtering
- 496 Enabling PortFast Edge BPDU Filtering Globally
- 497 Enabling PortFast Edge BPDU Filtering on a Nontrunking Port
- 497 UplinkFast
- 497 Information about UplinkFast
- 498 Enabling UplinkFast
- 499 BackboneFast
- 499 Information about BackboneFast
- 501 Enabling BackboneFast
- 502 EtherChannel Guard
- 502 Information about EtherChannel Guard
- 502 Enabling EtherChannel Guard
- 503 Root Guard
- 503 Information about Root Guard
- 503 Enabling Root Guard
- 503 Loop Guard
- 503 Information about Loop Guard
- 505 Enabling Loop Guard
- 506 PVST Simulation
- 506 Information about PVST Simulation
- 507 Configuring PVST Simulation
- 507 Verifying the Optional STP Features
- 508 Using the show spanning-tree Commands
- 508 Examples of the show spanning-tree Commands
- 513 IP Unicast Layer 3 Switching
- 513 Prerequisites for Hardware Layer 3 Switching
- 514 Restrictions for Hardware Layer 3 Switching
- 514 Information About Layer 3 Switching
- 514 Hardware Layer 3 Switching
- 514 Layer 3-Switched Packet Rewrite
- 516 Default Settings for Hardware Layer 3 Switching
- 516 How to Configure Hardware Layer 3 Switching
- 517 Displaying Hardware Layer 3 Switching Statistics
- 519 Policy-Based Routing (PBR)
- 519 Prerequisites for PBR
- 520 Restrictions for PBR
- 520 Information About PBR
- 520 PBR Overview
- 521 PBR Recursive Next Hop for IPv4 Traffic
- 521 Default Settings for PBR
- 521 How to Configure PBR
- 522 Configuring PBR
- 523 Configuring Local PBR
- 523 Configuring PBR Recursive Next Hop
- 523 Setting the Recursive Next-Hop IP Address
- 524 Verifying the Recursive Next-Hop Configuration
- 525 Configuration Examples for PBR
- 525 Equal Access Example
- 526 Differing Next Hops Example
- 526 Recursive Next-Hop IP Address: Example
- 527 Layer 3 Interfaces
- 527 Restrictions for Layer 3 Interfaces
- 529 How to Configure Subinterfaces on Layer 3 Interfaces
- 531 Unidirectional Ethernet (UDE) and Unidirectional Link Routing (UDLR)
- 531 Prerequisites for UDE and UDLR
- 532 Restrictions for UDE and UDLR
- 532 UDE Restrictions
- 533 UDLR Back-Channel Tunnel Restrictions
- 533 Information About UDE and UDLR
- 533 UDE and UDLR Overview
- 533 Information about UDE
- 534 UDE Overview
- 534 Hardware-Based UDE
- 534 Software-Based UDE
- 534 Information about UDLR
- 534 Default Settings for UDE and UDLR
- 535 How to Configure UDE and UDLR
- 535 Configuring UDE
- 535 Configuring Hardware-Based UDE
- 535 Configuring Software-Based UDE
- 536 Configuring UDLR
- 537 Configuring a Receive-Only Tunnel Interface for a UDE Send-Only Port
- 537 Configuring a Send-Only Tunnel Interface for a UDE Receive-Only Port
- 539 Multiprotocol Label Switching (MPLS)
- 539 Prerequisites for MPLS
- 539 Restrictions for MPLS
- 540 Information About MPLS
- 540 MPLS Overview
- 542 IP to MPLS
- 542 MPLS to MPLS
- 542 MPLS to IP
- 543 MPLS VPN Forwarding
- 543 Recirculation
- 543 Hardware Supported Features
- 544 Supported MPLS Features
- 545 Default Settings for MPLS
- 545 How to Configure MPLS Features
- 545 Configuring MPLS
- 545 Configuring MUX-UNI Support on LAN Cards
- 547 Configuration Examples for MPLS
- 549 MPLS VPN Support
- 549 Prerequisites for MPLS VPN
- 550 Restrictions for MPLS VPN
- 550 Information About MPLS VPN Support
- 551 How to Configure MPLS VPNs
- 552 Configuration Example for MPLS VPNs
- 555 Ethernet over MPLS (EoMPLS)
- 555 Prerequisites for EoMPLS
- 556 Restrictions for EoMPLS
- 557 Information About EoMPLS
- 557 AToM Overview
- 557 EoMPLS Overview
- 557 Default Settings for EoMPLS
- 558 How to Configure EoMPLS
- 558 Configuring VLAN-Based EoMPLS
- 560 Configuring Port-Based EoMPLS
- 565 Configuring A-VPLS
- 565 Prerequisites for A-VPLS
- 566 Restrictions for A-VPLS
- 566 Information About A-VPLS
- 567 How to Configure A-VPLS
- 567 Enabling Load-Balancing with ECMP and FAT Pseudowires
- 568 Enabling Port-Channel Load-Balancing
- 568 Explicitly Specifying the PE Routers As Part of Virtual Ethernet Interface Configuration
- 569 Configuring an MPLS Traffic Engineering Tunnel
- 570 Configuring a GRE Tunnel
- 572 Routed Pseudo-Wire (RPW) and Routed VPLS
- 575 Ethernet Virtual Connections (EVCs)
- 575 Prerequisites for EVCs
- 576 Restrictions for EVCs
- 577 Information About EVCs
- 577 EVC Overview
- 578 Ethernet Flow Points
- 578 Service Instances and EFPs
- 579 Encapsulation (Flexible Service Mapping)
- 581 EFPs and MSTP
- 581 Bridge Domains
- 581 Bridge Domain Overview
- 582 Ethernet MAC Address Learning
- 582 Flooding of Layer 2 Frames for Unknown MAC and Broadcast Addresses
- 582 Layer 2 Destination MAC Address-Based Forwarding
- 582 MAC Address Aging
- 582 MAC Address Table
- 583 Rewrite Operations
- 583 Layer 3 and Layer 4 ACL Support
- 583 Advanced Frame Manipulation
- 583 Egress Frame Filtering
- 583 Default Settings for EVCs
- 584 How to Configure EVCs
- 586 Two Service Instances Joining the Same Bridge Domain
- 586 Bridge Domains and VLAN Encapsulation
- 587 Rewrite
- 588 Monitoring EVCs
- 589 Layer 2 over Multipoint GRE (L2omGRE)
- 589 Prerequisites for L2omGRE
- 590 Restrictions for L2omGRE
- 590 Information About L2omGRE
- 591 Default Settings for L2omGRE
- 591 How to Configure L2omGRE
- 591 Configuring a Loopback Interface
- 591 Configuring an mGRE Tunnel Interface
- 592 Configuring a VLAN Interface
- 593 L2omGRE Configuration Examples
- 593 Verifying the L2omGRE Configuration
- 595 Campus Fabric
- 595 Understanding Fabric Domain Elements
- 595 Campus Fabric Licensing
- 596 Example: Show commands for license right-to-use
- 596 show license right-to-use
- 597 Campus Fabric Configuration Guidelines
- 598 How to Configure Fabric Overlay
- 598 Configuring Fabric Edge Devices
- 598 Configuring Control-Plane Devices Using IPv4
- 598 Before You Begin
- 599 Configuring Control-Plane Devices Using IPv6
- 599 Before You Begin
- 600 Configuring Border Devices Using IPv4
- 600 Before You Begin
- 601 Configuring Border Devices Using IPv6
- 602 Before You Begin
- 603 Example: Configuring Fabric Border and Control-Plane Devices
- 603 Fabric Border Router Using IPv4
- 604 Fabric Border Router Using IPv6
- 604 Control Plane Using IPv4
- 605 Control Plane Using IPv6
- 607 IPv4 Multicast Layer 3 Features
- 607 Prerequisites for IPv4 Multicast Layer 3 Features
- 607 Restrictions for IPv4 Multicast Layer 3 Features
- 608 Information About IPv4 Multicast Layer 3 Features
- 608 IPv4 Multicast Layer 3 Features Overview
- 609 Distributed MRIB and MFIB Infrastructure
- 610 Multicast Layer 3 Hardware Features Entries
- 610 Layer 3-Switched Multicast Statistics
- 611 Layer 3-Switched Multicast Packet Rewrite
- 611 Replication Modes
- 612 Local Egress Replication Mode
- 612 PIM-SM hardware register support
- 612 PIM-SM hardware SPT-switchover support
- 613 Control Plane Policing (CoPP)
- 613 Non-RPF Traffic Processing
- 613 Multicast Boundary
- 614 IPv4 Bidirectional PIM
- 614 Supported Multicast Features
- 615 Hardware-Supported IPv4 Layer 3 Features
- 616 Unsupported IPv4 Layer 3 Features
- 617 Hardware-Supported IPv6 Layer 3 Multicast Features
- 617 Partially Hardware-Supported IPv6 Layer 3 Multicast Features
- 618 Software-Supported IPv6 Layer 3 Multicast Features
- 618 Unsupported IPv6 Layer 3 Multicast Features
- 618 Hardware-Supported Layer 2 Common Multicast Features
- 618 Unsupported Layer 2 Common Multicast Features
- 619 Hardware-Supported Layer 2 Enterprise Multicast Features
- 619 Unsupported Layer 2 Enterprise Multicast Features
- 619 Hardware-Supported Layer 2 Metro Multicast Features
- 619 Unsupported Layer 2 Metro Multicast Features
- 620 Hardware-Supported MPLS Multicast Features
- 620 Unsupported MPLS Multicast Features
- 620 Hardware-Supported Security Multicast Features
- 620 Software-Supported Security Multicast Features
- 620 Unsupported Security Multicast Features
- 621 Default Settings for IPv4 Multicast Layer 3 Features
- 621 How to Configure IPv4 Multicast Layer 3 Features
- 622 Enabling IPv4 Multicast Routing Globally
- 622 Enabling IPv4 PIM on Layer 3 Interfaces
- 622 Enabling IP Multicast Layer 3 Switching on Layer 3 Interfaces
- 623 Enabling IP MFIB forwarding on Layer 3 Interfaces
- 624 Configuring the Replication Mode
- 624 Configuring Multicast Boundary
- 625 Verifying Local Egress Replication
- 626 Displaying IPv4 Multicast PIM-SM register tunnel information
- 626 Displaying the IPv4 Multicast Routing Table
- 627 Displaying IPv4 MRIB Information
- 628 Displaying IPv4 MFIB Information
- 629 Viewing Directly Connected Entries
- 630 Displaying IPv4 Hardware Switching Information
- 631 Displaying IPv4 CoPP Information
- 632 Source-Specific Multicast with IGMPv3, IGMP v3lite, and URD
- 632 Configuring IPv4 Bidirectional PIM
- 633 Enabling IPv4 Bidirectional PIM Globally
- 633 Configuring the Rendezvous Point for IPv4 Bidirectional PIM Groups
- 633 Displaying IPv4 Bidirectional PIM Information
- 637 Using IPv4 Debug Commands
- 637 Redundancy for Multicast Traffic
- 639 IGMP Snooping for IPv4 Multicast Traffic
- 639 Prerequisites for IGMP Snooping
- 639 Restrictions for IGMP Snooping
- 640 General IGMP Snooping Restrictions
- 640 IGMP Snooping Querier Restrictions
- 640 Information About IGMP Snooping
- 641 IGMP Snooping Overview
- 641 Joining a Multicast Group
- 643 Leaving a Multicast Group
- 643 Normal Leave Processing
- 644 Immediate-Leave Processing
- 644 Information about the IGMP Snooping Querier
- 644 Information about IGMP Version 3 Support
- 645 IGMP Version 3 Support Overview
- 645 IGMPv3 Immediate-Leave Processing
- 645 Proxy Reporting
- 646 Explicit Host Tracking
- 646 Default Settings for IGMP Snooping
- 646 How to Configure IGMP Snooping
- 647 Enabling the IGMP Snooping Querier
- 647 Enabling IGMP Snooping
- 647 Enabling IGMP Snooping Globally
- 648 Enabling IGMP Snooping in a VLAN
- 649 Configuring the IGMP Snooping Lookup Method
- 649 Configuring a Static Connection to a Multicast Receiver
- 650 Configuring a Multicast Router Port Statically
- 650 Configuring the IGMP Snooping Query Interval
- 651 Enabling IGMP Snooping Immediate-Leave Processing
- 651 Configuring IGMPv3 Snooping Explicit Host Tracking
- 652 Displaying IGMP Snooping Information
- 652 Displaying Multicast Router Interfaces
- 653 Displaying MAC Address Multicast Entries
- 653 Displaying IGMP Snooping Information for a VLAN Interface
- 655 PIM Snooping
- 655 Prerequisites for PIM Snooping
- 656 Restrictions for PIM Snooping
- 656 Information About PIM Snooping
- 658 Default Settings for PIM Snooping
- 659 How to Configure PIM Snooping
- 659 Enabling PIM Snooping Globally
- 659 Enabling PIM Snooping in a VLAN
- 660 Disabling PIM Snooping Designated-Router Flooding
- 661 Multicast VLAN Registration (MVR)
- 661 Restrictions for MVR
- 661 Restrictions for MVR
- 662 Information About MVR
- 662 MVR Overview
- 663 Using MVR in a Multicast Television Application
- 665 Default MVR Configuration
- 665 How to Configure MVR
- 665 Configuring MVR Global Parameters
- 666 Configuring MVR Interfaces
- 668 Clearing MVR Counters
- 668 Displaying MVR Information
- 671 IPv4 IGMP Filtering
- 671 Prerequisites for IGMP Filtering
- 671 Restrictions for IGMP Filtering
- 672 Information About IGMP Filtering
- 673 IGMP Filtering Overview
- 674 IGMP Filter Precedence
- 674 Access Mode
- 674 Trunk Mode
- 674 Default Settings for IGMP Filtering
- 674 How to Configure IGMP Filters
- 674 Configuring IGMP Group and Channel Access Control
- 675 Configuring IGMP Group and Channel Limits
- 675 Configuring IGMP Version Filtering
- 676 Clearing IGMP Filtering Statistics
- 676 Verifying the IGMP Filtering Configuration
- 676 Displaying IGMP Filtering Configuration
- 677 Displaying IGMP Filtering Statistics
- 678 Configuration Examples for IGMP Filtering
- 681 IPv4 Router Guard
- 681 Prerequisites for Router Guard
- 681 Restrictions for Router Guard
- 682 Information About Router Guard
- 682 Default Settings for Router Guard
- 682 How to Configure Router Guard
- 683 Enabling Router Guard Globally
- 683 Disabling Router Guard on Ports
- 683 Clearing Router Guard Statistics
- 684 Verifying the Router Guard Configuration
- 684 Displaying Router Guard Configuration
- 685 Displaying Router Guard Interfaces
- 687 IPv4 Multicast VPN Support
- 687 Prerequisites for mVPNs
- 687 Restrictions for mVPNs
- 688 General Restrictions
- 689 mVPN with L3VPN over mGRE Restrictions
- 689 Information About mVPN
- 689 mVPN Overview
- 690 Multicast Routing and Forwarding and Multicast Domains
- 690 Multicast Distribution Trees
- 693 Multicast Tunnel Interfaces
- 694 PE Router Routing Table Support for mVPN
- 694 Multicast Distributed Switching Support
- 694 Hardware-Assisted IPv4 Multicast
- 695 Information About mVPN with L3VPN over mGRE
- 695 Overview
- 695 Route Maps
- 696 Tunnel Endpoint Discovery and Forwarding
- 696 Tunnel Decapsulation
- 696 Tunnel Source
- 696 Default Settings for mVPNs
- 697 How to Configure mVPNs
- 697 Configuring a Multicast VPN Routing and Forwarding Instance
- 697 Configuring a VRF Entry
- 698 Configuring the Route Distinguisher
- 698 Configuring the Route-Target Extended Community
- 699 Configuring the Default MDT
- 699 Configuring Data MDTs (Optional)
- 700 Enabling Data MDT Logging
- 700 Sample Configuration
- 701 Displaying VRF Information
- 702 Configuring Multicast VRF Routing
- 702 Enabling IPv4 Multicast Routing Globally
- 703 Enabling IPv4 Multicast VRF Routing
- 703 Specifying the PIM VRF RP Address
- 704 Configuring a PIM VRF Register Message Source Address (Optional)
- 704 Configuring an MSDP Peer (Optional)
- 704 Configuring the Maximum Number of Multicast Routes (Optional)
- 705 Configuring IPv4 Multicast Route Filtering (Optional)
- 705 Sample Configuration
- 706 Displaying IPv4 Multicast VRF Routing Information
- 706 Configuring Interfaces for Multicast Routing to Support mVPN
- 706 Multicast Routing Configuration Overview
- 707 Configuring PIM on an Interface
- 707 Configuring an Interface for IPv4 VRF Forwarding
- 708 Sample Configuration
- 708 Configuring mVPN with L3VPN over mGRE
- 708 Configuring an L3VPN Encapsulation Profile
- 709 Configuring BGP and Route Maps
- 713 Configuration Examples for mVPNs
- 713 mVPN Configuration with Default MDTs Only
- 715 mVPN Configuration with Default and Data MDTs
- 718 Verifying the mVPN with L3VPN over mGRE Configuration
- 719 Configuration Sequence for mVPN with L3VPN over mGRE
- 721 IPv6 Multicast Support
- 721 Prerequisites for IPv6 Multicast
- 721 Restrictions for IPv6 Multicast
- 722 Information About IPv6 Multicast Support
- 722 Hardware-Supported IPv6 Layer 3 Multicast Features
- 723 Partially Hardware-Supported IPv6 Layer 3 Multicast Features
- 723 Software-Supported IPv6 Layer 3 Multicast Features
- 723 Unsupported IPv6 Layer 3 Multicast Features
- 724 How to Configure IPv6 Multicast Support
- 724 Verifying the IPv6 Multicast Layer 3 Configuration
- 725 Verifying MFIB Clients
- 725 Displaying the Switching Capability
- 725 Verifying the (S,G) Forwarding Capability
- 725 Verifying the (*,G) Forwarding Capability
- 725 Verifying the Subnet Entry Support Status
- 725 Verifying the Current Replication Mode
- 725 Displaying the Replication Mode Auto-Detection Status
- 726 Displaying the Replication Mode Capabilities
- 726 Displaying Subnet Entries
- 726 Displaying the IPv6 Multicast Summary
- 727 Displaying the NetFlow Hardware Forwarding Count
- 727 Displaying the FIB Hardware Bridging and Drop Counts
- 728 Displaying the Shared and Well-Known Hardware Adjacency Counters
- 729 IPv6 MLD Snooping
- 729 Prerequisites for MLD Snooping
- 730 Restrictions for MLD Snooping
- 730 General MLD Snooping Restrictions
- 730 MLD Snooping Querier Restrictions
- 731 Information About MLD Snooping
- 731 MLD Snooping Overview
- 732 MLD Messages
- 732 Source-Based Filtering
- 732 Explicit Host Tracking
- 733 MLD Snooping Proxy Reporting
- 733 Joining an IPv6 Multicast Group
- 735 Leaving a Multicast Group
- 735 Normal Leave Processing
- 736 Fast-Leave Processing
- 736 Information about the MLD Snooping Querier
- 737 Default MLD Snooping Configuration
- 737 How to Configure MLD Snooping
- 738 Enabling the MLD Snooping Querier
- 738 Configuring the MLD Snooping Query Interval
- 739 Enabling MLD Snooping
- 739 Enabling MLD Snooping Globally
- 739 Enabling MLD Snooping in a VLAN
- 740 Configuring a Static Connection to a Multicast Receiver
- 740 Configuring a Multicast Router Port Statically
- 740 Enabling Fast-Leave Processing
- 741 Enabling SSM Safe Reporting
- 741 Configuring Explicit Host Tracking
- 742 Configuring Report Suppression
- 742 Verifying the MLD Snooping Configuration
- 742 Displaying Multicast Router Interfaces
- 742 Displaying MAC Address Multicast Entries
- 743 Displaying MLD Snooping Information for a VLAN Interface
- 745 NetFlow Hardware Support
- 745 Prerequisites for NetFlow Hardware Support
- 745 Restrictions for NetFlow Hardware Support
- 746 Information About NetFlow Hardware Support
- 746 Default Settings for NetFlow Hardware Support
- 746 How to Configure NetFlow Hardware Support
- 747 Configuring Inactive Flow Aging
- 747 Configuring Fast Aging
- 748 Configuring Active Flow Aging
- 748 Verifying the NetFlow Table Aging Configuration
- 751 Call Home
- 752 Prerequisites for Call Home
- 752 Restrictions for Call Home
- 753 Information About Call Home
- 753 Call Home Overview
- 754 Anonymous Reporting
- 754 Smart Call Home
- 755 Alert Group Trigger Events and Commands
- 763 Message Contents
- 767 Sample Syslog Alert Notification in Long-Text Format
- 767 Sample Syslog Alert Notification in XML Format
- 771 Default Settings for Call Home
- 771 How to Configure Call Home
- 771 Configuring Call Home Customer Contact Information
- 772 Configuring Destination Profiles
- 773 Destination Profile Overview
- 773 Configuring Call Home to Use VRF
- 774 Configuring a Destination Profile to Send Email Messages
- 776 Configuring an Anonymous Mode Profile
- 777 Configuring an HTTP Proxy Server
- 777 Configuring a Destination Profile to Send HTTP Messages
- 778 Destination Profile Management
- 781 Subscribing to Alert Groups
- 781 Overview of Alert Group Subscription
- 781 Configuring Alert Group Subscription
- 783 Periodic Notification
- 783 Message Severity Thresholds
- 785 Configuring the Snapshot Command List
- 785 Enabling AAA Authorization to Run IOS Commands for Call Home Messages
- 786 Configuring Syslog Pattern Matching
- 787 Configuring Call Home Data Privacy
- 787 Enabling Call Home
- 788 Configuring Call Home Traffic Rate Limiting
- 788 Configuring Syslog Throttling
- 788 Testing Call Home Communications
- 789 Sending a Call Home Test Message Manually
- 789 Sending a Call Home Alert Group Message Manually
- 790 Sending a Request for an Analysis and Report
- 791 Sending the Output of a Command
- 792 Configuring the Smart Call Home Service
- 792 Smart Call Home Overview
- 792 Smart Call Home Service Prerequisites
- 793 Configuring Smart Call Home with a Single Command
- 794 Enabling the Smart Call Home Service
- 795 Start Smart Call Home Registration
- 795 Verifying the Call Home Configuration
- 803 System Event Archive (SEA)
- 803 Information About the System Event Archive
- 804 How to Display the SEA Logging System
- 805 How to Copy the SEA To Another Device
- 807 Backplane Traffic Monitoring
- 807 Prerequisites for Backplane Traffic Monitoring
- 808 Restrictions for Backplane Traffic Monitoring
- 808 Information About Traffic Monitoring
- 808 Default Settings for Backplane Traffic Monitoring
- 809 How to Configure Backplane Traffic Monitoring
- 811 Local SPAN, RSPAN, and ERSPAN
- 811 Prerequisites for Local SPAN, RSPAN, and ERSPAN
- 812 Restrictions for Local SPAN, RSPAN, and ERSPAN
- 812 Feature Incompatibilities
- 813 Local SPAN, RSPAN, and ERSPAN Session Limits
- 813 Local SPAN, RSPAN, and ERSPAN Interface Limits
- 813 General Restrictions for Local SPAN, RSPAN, and ERSPAN
- 815 Restrictions for VSPAN
- 815 Restrictions for RSPAN
- 816 Restrictions for ERSPAN
- 817 Restrictions for Distributed Egress SPAN Mode
- 817 Information About Local SPAN, RSPAN, and ERSPAN
- 817 Local SPAN, RSPAN, and ERSPAN Overview
- 817 SPAN Operation
- 818 Local SPAN Overview
- 818 RSPAN Overview
- 819 ERSPAN Overview
- 820 Traffic Monitored at SPAN Sources
- 821 Local SPAN, RSPAN, and ERSPAN Sources
- 821 Source Ports and EtherChannels
- 821 Source VLANs
- 822 Local SPAN, RSPAN, and ERSPAN Destinations
- 822 Default Settings for Local SPAN, RSPAN, and ERSPAN
- 822 How to Configure Local SPAN, RSPAN, and ERSPAN
- 823 Configuring a Destination as an Unconditional Trunk (Optional)
- 823 Configuring Destination Trunk VLAN Filtering (Optional)
- 825 Configuring Destination Port Permit Lists (Optional)
- 825 Configuring the Egress SPAN Mode (Optional)
- 826 Configuring Local SPAN
- 826 Configuring Local SPAN (SPAN Configuration Mode)
- 828 Configuring Local SPAN (Global Configuration Mode)
- 830 Configuring RSPAN
- 830 Configuring RSPAN VLANs
- 830 Configuring RSPAN Sessions (SPAN Configuration Mode)
- 833 Configuring RSPAN Sessions (Global Configuration Mode)
- 836 Configuring ERSPAN
- 836 Configuring ERSPAN Source Sessions
- 838 Configuring ERSPAN Destination Sessions
- 840 Configuring Source VLAN Filtering in Global Configuration Mode
- 841 Verifying the SPAN Configuration
- 841 Configuration Examples for SPAN
- 845 SNMP IfIndex Persistence
- 845 Prerequisites for SNMP IfIndex Persistence
- 845 Restrictions for SNMP IfIndex Persistence
- 846 Information About SNMP IfIndex Persistence
- 846 Default Settings for SNMP IfIndex Persistence
- 846 How to Configure SNMP IfIndex Persistence
- 846 Enabling SNMP IfIndex Persistence Globally
- 847 Disabling SNMP IfIndex Persistence Globally
- 847 Enabling and Disabling SNMP IfIndex Persistence on Specific Interfaces
- 848 Clearing SNMP IfIndex Persistence Configuration from a Specific Interface
- 849 Top-N Reports
- 849 Prerequisites for Top-N Reports
- 849 Restrictions for Top-N Reports
- 850 Information About Top-N Reports
- 850 Top-N Reports Overview
- 850 Top-N Reports Operation
- 851 Default Settings for Top-N Reports
- 851 How to Use Top-N Reports
- 851 Enabling Top-N Reports Creation
- 852 Displaying Top-N Reports
- 853 Clearing Top-N Reports
- 855 Layer 2 Traceroute Utility
- 855 Prerequisites for the Layer 2 Traceroute Utility
- 855 Restrictions for the Layer 2 Traceroute Utility
- 856 Information About the Layer 2 Traceroute Utility
- 857 How to Use the Layer 2 Traceroute Utility
- 859 Mini Protocol Analyzer
- 859 Prerequisites for the Mini Protocol Analyzer
- 859 Restrictions for the Mini Protocol Analyzer
- 860 Information About the Mini Protocol Analyzer
- 860 How to Configure the Mini Protocol Analyzer
- 860 Configuring a Capture Session
- 862 Filtering the Packets to be Captured
- 863 Starting and Stopping a Capture
- 865 Displaying and Exporting the Capture Buffer
- 865 Configuration Examples for the Mini Protocol Analyzer
- 866 General Configuration Examples
- 867 Filtering Configuration Examples
- 868 Operation Examples
- 868 Display Examples
- 868 Displaying the Configuration
- 869 Displaying the Capture Session Status
- 870 Displaying the Capture Buffer Contents
- 873 Restrictions for PFC QoS
- 874 General Guidelines
- 876 PFC and DFC Guidelines
- 877 Class Map Command Restrictions
- 877 Policy Map Class Command Restrictions
- 877 Supported Granularity for CIR and PIR Rate Values
- 878 Supported Granularity for CIR and PIR Token Bucket Sizes
- 879 IP Precedence and DSCP Values
- 881 PFC QoS Overview
- 883 Classification, Marking, and Policing
- 883 Information About Classification, Marking, and Policing Policies
- 883 Classification, Marking, and Policing Policy Overview
- 884 Traffic Classification
- 885 Traffic Marking
- 886 Information about Policing
- 886 Overview of Policing
- 887 Per-Interface Policers
- 887 Aggregate Policers
- 888 Microflow Policers
- 889 How to Configure Classification, Marking, and Policing Policies
- 889 Enabling Distributed Aggregate Policing
- 890 Configuring a Class Map
- 890 Creating a Class Map
- 890 Configuring Filtering in a Class Map
- 890 Verifying Class Map Configuration
- 891 Configuring a Policy Map
- 891 Policy Map Overview
- 891 Creating a Policy Map
- 891 Policy Map Class Configuration Guidelines and Restrictions
- 891 Creating a Policy Map Class and Configuring Filtering
- 892 Configuring Policy Map Class Actions
- 898 Verifying Policy Map Configuration
- 899 Attaching a Policy Map to an Interface
- 901 Configuring Dynamic Per-Session Attachment of a Policy Map
- 901 Policy Map Dynamic Per-Session Attachment Prerequisites
- 901 Defining and Associating Policy Maps
- 903 Policy-Based Queueing
- 903 Prerequisites for Policy-Based Queueing
- 904 Restrictions for Policy-Based Queueing
- 906 Information About Policy-Based Queueing
- 906 Port-Based Queue Types
- 906 Ingress and Egress Buffers and Queues
- 907 Ingress Queue Types
- 908 Egress Queue Types
- 909 Module to Queue Type Mappings
- 910 Queueing Policies
- 912 How to Configure Policy-Based Queueing
- 913 Configuring a Queueing Policy Class Map
- 913 Verifying a Queueing Policy Class Map
- 913 Configuring Queueing Policy Maps
- 914 Configuring Policy-Based Queueing on WS-X6904-40G-2T Ports
- 915 Creating a Queueing Policy
- 916 Configuring a Priority Queue
- 916 Configuring Nonpriority Queues
- 917 Configuring Thresholds
- 919 Verifying a Queueing Policy Map
- 919 Attaching a Queueing Policy Map to an Interface
- 920 Configuration Examples for Policy-Based Queueing
- 920 Queueing Policy Sample Configuration
- 921 Queueing Policy Commands Supported by Each Queue Type
- 922 1q2t, 1q8t Ingress Queue Supported Commands
- 923 2q8t Ingress Queue Supported Commands
- 924 8q4t Ingress Queue Supported Commands
- 925 8q8t Ingress Queue Supported Commands
- 926 1p1q4t Ingress Queue Supported Commands
- 927 1p1q8t Ingress Queue Supported Commands
- 928 1p7q2t Ingress Queue Supported Commands
- 929 1p3q8t Egress Queue Supported Commands
- 930 1p7q8t Egress Queue Supported Commands
- 931 1p7q4t, 2p6q4t Ingress or Egress Queue Supported Commands
- 933 WS-X6904-40G-2T 1p7q4t, 2p6q4t Egress Queue Supported Commands
- 935 Queueing Policy Commands Sample Configurations for Each Queue Type
- 935 1q2t Ingress Queue Sample Configuration
- 935 1q8t Ingress Queue Sample Configuration
- 936 2q8t Ingress Queue Sample Configuration
- 937 8q4t, 8q8t Ingress Queue Sample Configuration (CoS-Based Queueing)
- 937 8q4t Ingress Queue Sample Configuration (DSCP-Based Queueing)
- 940 1p1q4t Ingress Queue Sample Configuration
- 940 1p1q8t Ingress Queue Sample Configuration
- 941 1p3q8t Egress Queue Sample Configuration
- 942 1p7q8t Egress Queue Sample Configuration
- 943 1p7q4t Ingress or Egress Queue Sample Configuration (CoS-Based Queueing)
- 944 1p7q4t Ingress or Egress Queue Sample Configuration (DSCP-Based Queueing)
- 947 Queuing on FEX
- 947 Priority Queuing
- 947 Queue Bandwidth
- 947 DSCP to Queue Map
- 947 Queue Buffer
- 949 QoS Global and Interface Options
- 950 How to Configure the Ingress LAN Port CoS Value
- 951 How to Configure Egress DSCP Mutation
- 951 Configuring Named DSCP Mutation Maps
- 952 Attaching an Egress DSCP Mutation Map to an Interface
- 952 How to Configure Ingress CoS Mutation on IEEE 802.1Q Tunnel Ports
- 952 Ingress CoS Mutation Configuration Guidelines and Restrictions
- 954 Configuring Ingress CoS Mutation Maps
- 954 Applying Ingress CoS Mutation Maps to IEEE 802.1Q Tunnel Ports
- 955 How to Configure DSCP Value Maps
- 955 Mapping Received CoS Values to Internal DSCP Values
- 955 Mapping Received IP Precedence Values to Internal DSCP Values
- 956 Configuring DSCP Markdown Values
- 957 Mapping Internal DSCP Values to Egress CoS Values
- 958 How to Configure Trusted Boundary with Cisco Device Verification
- 959 Legacy Configuration Procedures for Queueing-Only Mode
- 960 Legacy Configuration Procedures for VLAN-Based PFC QoS on Layer 2 LAN Ports
- 961 Legacy Configuration Procedures for Port Trust State
- 962 Legacy Configuration Procedures for DSCP-Based Queue Mapping
- 962 Enabling DSCP-Based Queue Mapping
- 963 Configuring Ingress DSCP-Based Queue Mapping
- 963 Mapping DSCP Values to Standard Receive-Queue Thresholds
- 964 Mapping DSCP Values to Standard Transmit-Queue Thresholds
- 966 Mapping DSCP Values to the Transmit Strict-Priority Queue
- 967 AutoQoS
- 967 Prerequisites for AutoQoS
- 968 Restrictions for AutoQoS
- 968 Information About AutoQoS
- 969 AutoQoS Support for a Cisco IP Phone
- 969 AutoQoS Support for Cisco IP Communicator
- 970 AutoQoS Support for Marked Traffic
- 970 Default Settings for AutoQoS
- 970 How to Configure AutoQoS
- 971 Configuring AutoQoS Support for a Cisco IP Phone
- 972 Configuring AutoQoS Support for Cisco IP Communicator
- 973 Configuring AutoQoS Support for Marked Traffic
- 975 MPLS QoS
- 976 Terminology
- 976 MPLS QoS Features
- 977 MPLS Experimental Field
- 977 Trust
- 977 Classification
- 977 Policing and Marking
- 978 Preserving IP ToS
- 978 EXP Mutation
- 978 MPLS DiffServ Tunneling Modes
- 978 MPLS QoS Overview
- 978 Specifying the QoS in the IP Precedence Field
- 979 MPLS QoS
- 979 MPLS Topology Overview
- 980 LERs at the Input Edge of an MPLS Network
- 980 LSRs in the Core of an MPLS Network
- 981 LERs at the Output Edge of an MPLS Network
- 981 LERs at the EoMPLS Edge
- 982 LERs at the IP Edge (MPLS, MPLS VPN)
- 982 IP to MPLS
- 983 MPLS to IP
- 985 MPLS VPN
- 985 LSRs at the MPLS Core
- 985 MPLS to MPLS
- 987 MPLS QoS Default Configuration
- 989 MPLS QoS Commands
- 989 MPLS QoS Restrictions
- 990 How to Configure MPLS QoS
- 991 Enabling Queueing-Only Mode
- 991 Restrictions and Usage Guidelines
- 991 Configuring a Class Map to Classify MPLS Packets
- 993 Restrictions and Usage Guidelines
- 994 Configuring a Policy Map
- 994 Configuring a Policy Map to Set the EXP Value on All Imposed Labels
- 996 Configuring a Policy Map Using the Police Command
- 998 Displaying a Policy Map
- 998 Displaying the Configuration of All Classes
- 998 Configuring MPLS QoS Egress EXP Mutation
- 999 Configuring Named EXP Mutation Maps
- 999 Attaching an Egress EXP Mutation Map to an Interface
- 999 Configuring EXP Value Maps
- 1000 Configuring an Ingress-EXP to Internal-DSCP Map
- 1000 Configuring a Named Egress-DSCP to Egress-EXP Map
- 1000 MPLS DiffServ Tunneling Modes
- 1001 Short Pipe Mode
- 1002 Short Pipe Mode Restrictions
- 1002 Uniform Mode
- 1004 Uniform Mode Restrictions
- 1004 MPLS DiffServ Tunneling Restrictions and Usage Guidelines
- 1004 How to Configure Short Pipe Mode
- 1004 Ingress PE Router—Customer Facing Interface
- 1006 Configuring Ingress PE Router—P Facing Interface
- 1006 Configuration Example
- 1007 Configuring the P Router—Output Interface
- 1007 Configuration Example
- 1008 Configuring the Egress PE Router—Customer Facing Interface
- 1008 Configuration Example
- 1008 How to Configure Uniform Mode
- 1009 Configuring the Ingress PE Router—Customer Facing Interface
- 1009 Configuration Example
- 1010 Configuring the Ingress PE Router—P Facing Interface
- 1011 Configuring the Egress PE Router—Customer Facing Interface
- 1013 PFC QoS Statistics Data Export
- 1013 Prerequisites for PFC QoS Statistics Data Export
- 1013 Restrictions for PFC QoS Statistics Data Export
- 1014 Information About PFC QoS Statistics Data Export
- 1014 Default Settings for PFC QoS Statistics Data Export
- 1014 How to Configure PFC QoS Statistics Data Export
- 1015 Enabling PFC QoS Statistics Data Export Globally
- 1015 Enabling PFC QoS Statistics Data Export for a Port
- 1016 Enabling PFC QoS Statistics Data Export for a Named Aggregate Policer
- 1017 Enabling PFC QoS Statistics Data Export for a Class Map
- 1018 Setting the PFC QoS Statistics Data Export Time Interval
- 1019 Configuring PFC QoS Statistics Data Export Destination Host and UDP Port
- 1020 Setting the PFC QoS Statistics Data Export Field Delimiter
- 1023 Cisco IOS ACL Support
- 1024 Restrictions for Cisco IOS ACLs
- 1024 Restrictions for Layer 4 Operators in ACLs
- 1024 Determining Layer 4 Operation Usage
- 1025 Determining Logical Operation Unit Usage
- 1026 Information About ACL Support
- 1028 Policy-Based ACLs (PBACLs)
- 1028 Restrictions for PBACLs
- 1028 Information about PBACLs
- 1028 How to Configure PBACLs
- 1029 Configuring a PBACL IP Address Object Group
- 1029 Configuring a PBACL Protocol Port Object Group
- 1030 Configuring ACLs with PBACL Object Groups
- 1030 Configuring PBACL on an Interface
- 1030 IPv6 Object Group-Based ACLs (IPv6 OG ACLs)
- 1031 Restrictions for IPv6 OG ACLs
- 1031 Information about IPv6 OG ACLs
- 1031 How to Configure IPv6 OG ACLs
- 1031 Configuring a IPv6 Address Object Group
- 1032 Configuring a IPv6 Protocol Object Group
- 1033 Configuring ACLs with IPv6 Object Groups
- 1033 Configuring IPv6 OG ACL on an Interface
- 1033 MAC ACLs
- 1033 How to Configure Protocol-Independent MAC ACL Filtering
- 1035 How to Enable VLAN-Based MAC QoS Filtering
- 1037 ARP ACLs
- 1037 Optimized ACL Logging
- 1037 Restrictions for OAL
- 1038 Information about OAL
- 1038 How to Configure OAL
- 1038 Configuring OAL Global Parameters
- 1039 Configuring OAL on an Interface
- 1039 Displaying OAL Information
- 1039 Clearing Cached OAL Entries
- 1039 Dry Run Support for ACLs
- 1040 Restrictions for Dry Run Support
- 1040 Information About Dry Run Support
- 1040 How to Configure Dry Run Support for ACLs
- 1041 Hardware ACL Statistics
- 1041 Restrictions for Hardware ACL Statistics
- 1042 Information About Hardware ACL Statistics
- 1042 How to Configure Hardware ACL Statistics
- 1043 Cisco TrustSec (CTS)
- 1044 Flexible MACsec Replay Protection
- 1046 Hardware Supported
- 1047 AutoSecure
- 1047 Prerequisites for AutoSecure
- 1048 Restrictions for AutoSecure
- 1048 Information About AutoSecure
- 1048 AutoSecure Overview
- 1048 AutoSecure Benefits
- 1049 Simplified Switch Security Configuration
- 1049 Enhanced Password Security Enabled by AutoSecure
- 1049 System Logging Message Support
- 1049 Management Plane Security Enabled by AutoSecure
- 1049 Management Plane Security Overview
- 1050 Global Services Disabled by AutoSecure
- 1050 Per-Interface Services Disabled by AutoSecure
- 1051 Global Services Enabled by AutoSecure
- 1051 Switch Access Secured by AutoSecure
- 1052 Logging Options Enabled by AutoSecure
- 1052 Forwarding Plane Security Enabled by AutoSecure
- 1053 How to Configure AutoSecure
- 1053 Configuring AutoSecure Parameters
- 1054 Configuring Additional Security
- 1054 Verifying AutoSecure
- 1055 Examples for AutoSecure Configuration
- 1059 MAC Address-Based Traffic Blocking
- 1061 Port ACLs (PACLs)
- 1061 Prerequisites for PACls
- 1062 Restrictions for PACLs
- 1062 Information About PACLs
- 1062 PACL Overview
- 1063 EtherChannel and PACL Interactions
- 1064 Dynamic ACLs (Applies to Merge Mode Only)
- 1064 Trunk Ports
- 1064 Layer 2 to Layer 3 Port Conversion
- 1064 Port-VLAN Association Changes
- 1064 PACL and VACL Interactions
- 1065 PACL Interaction with VACLs and Cisco IOS ACLs
- 1065 Bridged Packets
- 1065 Routed Packets
- 1066 Multicast Packets
- 1067 How to Configure PACLs
- 1067 Configuring IP and MAC ACLs on a Layer 2 Interface
- 1068 Configuring Access-group Mode on Layer 2 Interface
- 1068 Applying ACLs to a Layer 2 Interface
- 1069 Applying ACLs to a Port Channel
- 1069 Displaying an ACL Configuration on a Layer 2 Interface
- 1071 VLAN ACLs (VACLs)
- 1071 Prerequisites for VACLs
- 1072 Restrictions for VACLs
- 1072 Information About VACLs
- 1073 How to Configure VACLs
- 1073 Defining a VLAN Access Map
- 1074 Configuring a Match Clause in a VLAN Access Map Sequence
- 1074 Configuring an Action Clause in a VLAN Access Map Sequence
- 1075 Applying a VLAN Access Map
- 1075 Verifying VLAN Access Map Configuration
- 1075 VLAN Access Map Configuration and Verification Examples
- 1076 Configuring a Capture Port
- 1077 Configuring VACL Logging
- 1079 Policy-Based Forwarding (PBF)
- 1079 Prerequisites for PBF
- 1080 Restrictions for PBF
- 1080 Information About PBF
- 1080 Default Settings for PBF
- 1080 How to Configure PBF
- 1081 Monitoring PBF
- 1081 Configuration Examples for PBF
- 1083 Denial of Service (DoS) Protection
- 1084 Security ACLs and VACLs
- 1084 QoS Rate Limiting
- 1085 Global Protocol Packet Policing
- 1085 Prerequisites for Global Protocol Packet Policing
- 1085 Restrictions for Global Protocol Packet Policing
- 1087 Information About Global Protocol Packet Policing
- 1087 How to Configure Single-Command Global Protocol Packet Policing
- 1088 How to Configure Policy-Based Global Protocol Packet Policing
- 1088 Configuring a Global Protocol Packet Policing Policy Map
- 1088 Unicast Reverse Path Forwarding (uRPF) Check
- 1089 Prerequisites for uRPF Check
- 1089 Restrictions for uRPF Check
- 1089 Information about uRPF Check
- 1090 How to Configure Unicast RPF Check
- 1090 Configuring the Unicast RPF Check Mode
- 1091 Enabling Self-Pinging
- 1091 Configuring Sticky ARP
- 1092 Monitoring Packet Drop Statistics
- 1092 Prerequisites for Packet Drop Statistics
- 1092 Restrictions for Packet Drop Statistics
- 1092 Information About Packet Drop Statistics
- 1092 How to Monitor Dropped Packets
- 1092 Using show Commands
- 1093 Using SPAN
- 1094 Using VACL Capture
- 1095 Control Plane Policing (CoPP)
- 1095 Prerequisites for CoPP
- 1096 Restrictions for CoPP
- 1097 Information About CoPP
- 1097 Default Settings for CoPP
- 1099 How to Configure CoPP
- 1099 Configuring CoPP
- 1100 Defining CoPP Traffic Classification
- 1100 Traffic Classification Overview
- 1101 Traffic Classification Restrictions
- 1102 Sample Basic ACLs for CoPP Traffic Classification
- 1103 Monitoring CoPP
- 1105 Dynamic Host Configuration Protocol (DHCP) Snooping
- 1105 Prerequisites for DHCP Snooping
- 1106 Restrictions for DHCP Snooping
- 1106 DHCP Snooping Configuration Restrictions
- 1106 DHCP Snooping Configuration Guidelines
- 1107 Minimum DHCP Snooping Configuration
- 1107 Information About DHCP Snooping
- 1108 Overview of DHCP Snooping
- 1108 Trusted and Untrusted Sources
- 1109 DHCP Snooping Binding Database
- 1109 Packet Validation
- 1109 DHCP Snooping Option-82 Data Insertion
- 1111 Overview of the DHCP Snooping Database Agent
- 1112 Default Configuration for DHCP Snooping
- 1113 How to Configure DHCP Snooping
- 1113 Enabling DHCP Snooping Globally
- 1114 Enabling DHCP Option-82 Data Insertion
- 1114 Enabling the DHCP Option-82 on Untrusted Port Feature
- 1115 Enabling DHCP Snooping MAC Address Verification
- 1115 Enabling DHCP Snooping on VLANs
- 1116 Configuring the DHCP Trust State on Layer 2 LAN Interfaces
- 1117 Configuring Spurious DHCP Server Detection
- 1118 Configuring DHCP Snooping Rate Limiting on Layer 2 LAN Interfaces
- 1118 The DHCP Snooping Database Agent
- 1118 Prerequisites for the DHCP Snooping Database Agent
- 1118 Restrictions for the DHCP Snooping Database Agent
- 1119 Default Settings for the DHCP Snooping Database Agent
- 1119 How to Configure the DHCP Snooping Database Agent
- 1119 Configuration Examples for the Database Agent
- 1122 Displaying the DHCP Snooping Binding Table
- 1125 IP Source Guard
- 1125 Prerequisites for IP Source Guard
- 1126 Restrictions for IP Source Guard
- 1126 Information About IP Source Guard
- 1126 Overview of IP Source Guard
- 1126 IP Source Guard Interaction with VLAN-Based Features
- 1127 Channel Ports
- 1127 Layer 2 and Layer 3 Port Conversion
- 1127 IP Source Guard and Voice VLAN
- 1127 IP Source Guard and Web-Based Authentication
- 1127 Default Settings for IP Source Guard
- 1127 How to Configure IP Source Guard
- 1129 Displaying IP Source Guard PACL Information
- 1130 Displaying IP Source Binding Information
- 1133 Dynamic ARP Inspection (DAI)
- 1133 Prerequisites for DAI
- 1134 Restrictions for DAI
- 1135 Information About DAI
- 1135 Information about ARP
- 1135 ARP Spoofing Attacks
- 1136 DAI and ARP Spoofing Attacks
- 1136 Interface Trust States and Network Security
- 1137 Rate Limiting of ARP Packets
- 1138 Relative Priority of ARP ACLs and DHCP Snooping Entries
- 1138 Logging of Dropped Packets
- 1138 Default Settings for DAI
- 1139 How to Configure DAI
- 1139 Enabling DAI on VLANs
- 1140 Configuring DAI Hardware Acceleration
- 1140 Configuring the DAI Interface Trust State
- 1141 Applying ARP ACLs for DAI Filtering
- 1142 Configuring ARP Packet Rate Limiting
- 1143 Enabling DAI Error-Disabled Recovery
- 1143 Enabling Additional Validation
- 1145 Configuring DAI Logging
- 1145 DAI Logging Overview
- 1145 DAI Logging Restrictions
- 1145 Configuring the DAI Logging Buffer Size
- 1146 Configuring the DAI Logging System Messages
- 1147 Configuring DAI Log Filtering
- 1147 Displaying DAI Information
- 1148 Configuration Examples for DAI
- 1148 Two Switches Support DAI
- 1148 Overview
- 1149 Configuring Switch A
- 1150 Configuring Switch B
- 1153 One Switch Supports DAI
- 1155 Traffic Storm Control
- 1155 Prerequisites for Traffic Storm Control
- 1156 Restrictions for Traffic Storm Control
- 1156 Information About Traffic Storm Control
- 1158 Default Setting for Traffic Storm Control
- 1158 How to Enable Traffic Storm Control
- 1159 Displaying Traffic Storm Control Settings
- 1161 Unknown Unicast Flood Control
- 1161 Prerequisites for Unknown Traffic Flood Control
- 1161 Restrictions for Unknown Traffic Flood Control
- 1162 Information About Unknown Traffic Flood Control
- 1162 Default Settings for Unknown Traffic Flood Control
- 1162 How to Configure Unknown Traffic Flood Control
- 1162 How to Configure UUFB
- 1162 How to Configure UUFRL
- 1163 Configuration Examples for Unknown Traffic Flood Control
- 1165 IEEE 802.1X Port-Based Authentication
- 1165 Prerequisites for 802.1X Authentication
- 1166 Restrictions for 802.1X Authentication
- 1166 802.1X Authentication
- 1167 802.1X Host Mode
- 1167 VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass
- 1169 MAC Authentication Bypass
- 1169 Web-Based Authentication
- 1169 Network Edge Access Topology (NEAT) and Client Information Signalling Protocol (CISP)
- 1170 Information About 802.1X Port-Based Authentication
- 1170 802.1X Overview
- 1171 802.1X Device Roles
- 1172 Port-based Authentication Process
- 1174 Authentication Initiation and Message Exchange
- 1176 Ports in Authorized and Unauthorized States
- 1177 802.1X Host Modes
- 1177 Host Mode Overview
- 1177 Single-Host Mode
- 1177 Multiple-Hosts Mode
- 1178 Multidomain Authentication Mode
- 1178 Multi-Auth VLAN Assignment
- 1179 Multiauthentication Mode
- 1179 Pre-Authentication Open Access
- 1179 802.1X Authentication with DHCP Snooping
- 1180 802.1X Accounting
- 1181 802.1X Authentication with VLAN Assignment
- 1182 Multiple VLANs and VLAN User Distribution with VLAN Assignment
- 1183 802.1X Authentication with Guest VLAN
- 1184 802.1X Authentication with Restricted VLAN
- 1185 802.1X Authentication with Inaccessible Authentication Bypass
- 1186 802.1X Authentication with Voice VLAN Ports
- 1187 802.1X Authentication with Port Security
- 1187 802.1X Authentication with ACL Assignments and Redirect URLs
- 1188 Overview
- 1188 Downloadable ACLs Using the Cisco Secure ACS
- 1189 Filter-ID ACLs
- 1189 Redirect URLs
- 1189 Static Sharing of ACLs
- 1190 802.1X Authentication with Port Descriptors
- 1190 802.1X Authentication with MAC Authentication Bypass
- 1191 Network Admission Control Layer 2 IEEE 802.1X Validation
- 1191 NAC Agentless Audit Support
- 1192 802.1X Authentication with Wake-on-LAN
- 1192 MAC Move
- 1193 MAC Replace
- 1194 802.1x Supplicant and Authenticator Switches with Network Edge Access Topology (NEAT)
- 1195 Default Settings for 802.1X Port-Based Authentication
- 1196 How to Configure 802.1X Port-Based Authentication
- 1197 Enabling 802.1X Authentication
- 1198 Configuring Switch-to-RADIUS-Server Communication
- 1199 Configuring 802.1X Authenticator Host Mode
- 1200 Enabling Fallback Authentication
- 1202 Enabling Periodic Reauthentication
- 1203 Manually Reauthenticating the Client Connected to a Port
- 1203 Initializing Authentication for the Client Connected to a Port
- 1204 Removing 802.1X Client Information Globally
- 1204 Removing 802.1X Client Information from an Interface
- 1204 Clearing Authentication Sessions
- 1204 Changing 802.1X Timeouts
- 1205 Setting the Quiet Period
- 1205 Setting the Switch-to-Client Retransmission Time
- 1205 Setting the Switch-to-Client Retransmission Time for EAP-Request Frames
- 1206 Setting the Switch-to-Authentication-Server Retransmission Time for Layer 4 Packets
- 1206 Setting the Switch-to-Client Frame Retransmission Number
- 1207 Setting the Reauthentication Number
- 1207 Configuring IEEE 802.1X Accounting
- 1208 Configuring VLAN User Distribution
- 1209 Configuring a Guest VLAN
- 1210 Configuring a Restricted VLAN
- 1211 Configuring the Inaccessible Authentication Bypass Feature
- 1213 Configuring MAC Authentication Bypass
- 1214 Configuring NAC Layer 2 IEEE 802.1X Validation
- 1215 Configuring NAC Agentless Audit Support
- 1215 Configuring the Switch for DACLs or Redirect URLs
- 1216 Configuring 802.1X Authentication with WoL
- 1217 Enabling MAC Move
- 1217 Enabling MAC Replace
- 1218 Configuring NEAT Authenticator and Supplicant Switches
- 1218 NEAT Authenticator Configuration
- 1219 NEAT Supplicant Configuration
- 1220 Disabling 802.1X Authentication on the Port
- 1221 Resetting the 802.1X Configuration to the Default Values
- 1221 Displaying Authentication Status and Information
- 1221 Displaying 802.1X Status
- 1222 Displaying Authentication Methods and Status
- 1225 Displaying MAC Authentication Bypass Status
- 1227 Web-Based Authentication
- 1227 Prerequisites for Web-based Authentication
- 1227 Restrictions for Web-based Authentication
- 1228 Information About Web-Based Authentication
- 1228 Web-Based Authentication Overview
- 1229 Device Roles
- 1229 Host Detection
- 1230 Session Creation
- 1230 Authentication Process
- 1231 AAA Fail Policy
- 1231 Customization of the Authentication Proxy Web Pages
- 1231 Web-based Authentication Interactions with Other Features
- 1232 Port Security
- 1232 Gateway IP
- 1232 ACLs
- 1232 IP Source Guard
- 1232 EtherChannel
- 1232 Switchover
- 1233 Default Web-Based Authentication Configuration
- 1233 How to Configure Web-Based Authentication
- 1234 Web-based Authentication Configuration Task List
- 1234 Configuring the Authentication Rule and Interfaces
- 1235 Configuring AAA Authentication
- 1235 Configuring Switch-to-RADIUS-Server Communication
- 1237 Configuring the HTTP Server
- 1237 Customizing the Authentication Proxy Web Pages
- 1238 Specifying a Redirection URL for Successful Login
- 1239 Configuring an AAA Fail Policy
- 1240 Configuring the Web-based Authentication Parameters
- 1240 Removing Web-based Authentication Cache Entries
- 1241 Displaying Web-Based Authentication Status
- 1243 Port Security
- 1243 Prerequisites for Port Security
- 1243 Restrictions for Port Security
- 1244 Information About Port Security
- 1245 Port Security with Dynamically Learned and Static MAC Addresses
- 1245 Port Security with Sticky MAC Addresses
- 1246 Port Security with IP Phones
- 1246 Default Port Security Configuration
- 1246 How to Configure Port Security
- 1247 Enabling Port Security
- 1247 Enabling Port Security on a Trunk
- 1248 Enabling Port Security on an Access Port
- 1248 Configuring the Port Security Violation Mode on a Port
- 1249 Configuring the Maximum Number of Secure MAC Addresses on a Port
- 1250 Enabling Port Security with Sticky MAC Addresses on a Port
- 1251 Configuring a Static Secure MAC Address on a Port
- 1252 Configuring Secure MAC Address Aging on a Port
- 1252 Configuring the Secure MAC Address Aging Type on a Port
- 1252 Configuring Secure MAC Address Aging Time on a Port
- 1253 Verifying the Port Security Configuration
- 1255 Lawful Intercept
- 1255 Prerequisites for Lawful Intercept
- 1255 Restrictions for Lawful Intercept
- 1256 General Configuration Restrictions
- 1257 MIB Guidelines
- 1257 Information About Lawful Intercept
- 1258 Lawful Intercept Overview
- 1258 Benefits of Lawful Intercept
- 1259 CALEA for Voice
- 1259 Network Components Used for Lawful Intercept
- 1259 Mediation Device
- 1260 Lawful Intercept Administration
- 1260 Intercept Access Point
- 1260 Content Intercept Access Point
- 1261 Lawful Intercept Processing
- 1261 Lawful Intercept MIBs
- 1261 CISCO-TAP2-MIB
- 1262 CISCO-TAP2-MIB Processing
- 1262 CISCO-IP-TAP-MIB
- 1263 CISCO-IP-TAP-MIB Processing
- 1263 How to Configure Lawful Intercept Support
- 1263 Security Considerations
- 1263 Accessing the Lawful Intercept MIBs
- 1264 Restricting Access to the Lawful Intercept MIBs
- 1264 Configuring SNMPv3
- 1264 Creating a Restricted SNMP View of Lawful Intercept MIBs
- 1265 Configuration Example
- 1266 Enabling SNMP Notifications for Lawful Intercept
- 1266 Disabling SNMP Notifications
- 1267 Index